Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report #RFQ ORDER484475577797.exe

Overview

General Information

Sample Name:#RFQ ORDER484475577797.exe
Analysis ID:431672
MD5:18e38261e8ea6ae0077c5448f809ccb6
SHA1:bbfaf42987014ba9571c75d1982843d7ad7155ac
SHA256:3cb5c285d5e7f163c9764ef3e99467f5460b7f704c996ffa8e5e2982a2a86693
Tags:exeNanoCoreRAT
Infos:

Most interesting Screenshot:

Detection

Nanocore
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected Nanocore Rat
Found malware configuration
Malicious sample detected (through community Yara rule)
Sigma detected: NanoCore
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected AntiVM3
Yara detected Nanocore RAT
.NET source code contains potential unpacker
Adds a directory exclusion to Windows Defender
C2 URLs / IPs found in malware configuration
Hides that the sample has been downloaded from the Internet (zone.identifier)
Initial sample is a PE file and has a suspicious name
Injects a PE file into a foreign processes
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Uses schtasks.exe or at.exe to add and modify task schedules
Antivirus or Machine Learning detection for unpacked file
Contains capabilities to detect virtual machines
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Installs a raw input device (often for capturing keystrokes)
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains strange resources
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Non Interactive PowerShell
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • #RFQ ORDER484475577797.exe (PID: 4364 cmdline: 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe' MD5: 18E38261E8EA6AE0077C5448F809CCB6)
    • powershell.exe (PID: 5616 cmdline: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe' MD5: DBA3E6449E97D4E3DF64527EF7012A10)
      • conhost.exe (PID: 4884 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • powershell.exe (PID: 6052 cmdline: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe' MD5: DBA3E6449E97D4E3DF64527EF7012A10)
      • conhost.exe (PID: 5460 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • schtasks.exe (PID: 5728 cmdline: 'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp' MD5: 15FF7D8324231381BAD48A052F85DF04)
      • conhost.exe (PID: 5916 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • powershell.exe (PID: 3292 cmdline: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe' MD5: DBA3E6449E97D4E3DF64527EF7012A10)
      • conhost.exe (PID: 1968 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • #RFQ ORDER484475577797.exe (PID: 1048 cmdline: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe MD5: 18E38261E8EA6AE0077C5448F809CCB6)
  • cleanup

Malware Configuration

Threatname: NanoCore

{"Version": "1.2.2.0", "Mutex": "44a4f7d4-4e07-4399-aab5-6ba6b60e", "Group": "bb", "Domain1": "194.5.98.120", "Domain2": "joseedward5001.ddns.net", "Port": 1604, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmpNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
  • 0x8ba5:$x1: NanoCore.ClientPluginHost
  • 0x8bd2:$x2: IClientNetworkHost
0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmpNanocore_RAT_Feb18_1Detects Nanocore RATFlorian Roth
  • 0x8ba5:$x2: NanoCore.ClientPluginHost
  • 0x9b74:$s2: FileCommand
  • 0xe576:$s4: PipeCreated
  • 0x8bbf:$s5: IClientLoggingHost
00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpJoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security
    0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpNanoCoreunknown Kevin Breen <kevin@techanarchy.net>
    • 0x55dd7:$a: NanoCore
    • 0x55ec1:$a: NanoCore
    • 0x56d38:$a: NanoCore
    • 0x5fee2:$a: NanoCore
    • 0x5ff43:$a: NanoCore
    • 0x5ff86:$a: NanoCore
    • 0x5ffc6:$a: NanoCore
    • 0x60202:$a: NanoCore
    • 0x602a2:$a: NanoCore
    • 0x60a7a:$a: NanoCore
    • 0x6106d:$a: NanoCore
    • 0x611be:$a: NanoCore
    • 0x62018:$a: NanoCore
    • 0x6227f:$a: NanoCore
    • 0x62294:$a: NanoCore
    • 0x622b3:$a: NanoCore
    • 0x6b1b6:$a: NanoCore
    • 0x6b1df:$a: NanoCore
    • 0x76f58:$a: NanoCore
    • 0x76f81:$a: NanoCore
    • 0x9be44:$a: NanoCore
    0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpNanoCoreunknown Kevin Breen <kevin@techanarchy.net>
    • 0x7aa6a:$a: NanoCore
    • 0x7aa8f:$a: NanoCore
    • 0x7aae8:$a: NanoCore
    • 0x8accf:$a: NanoCore
    • 0x8acf5:$a: NanoCore
    • 0x8ad51:$a: NanoCore
    • 0x97beb:$a: NanoCore
    • 0x97c44:$a: NanoCore
    • 0x97c77:$a: NanoCore
    • 0x97ea3:$a: NanoCore
    • 0x97f1f:$a: NanoCore
    • 0x98538:$a: NanoCore
    • 0x98681:$a: NanoCore
    • 0x98b55:$a: NanoCore
    • 0x98e3c:$a: NanoCore
    • 0x98e53:$a: NanoCore
    • 0xa1d37:$a: NanoCore
    • 0xa1db3:$a: NanoCore
    • 0xa4696:$a: NanoCore
    • 0xa9ca1:$a: NanoCore
    • 0xa9d1b:$a: NanoCore
    Click to see the 51 entries

    Unpacked PEs

    SourceRuleDescriptionAuthorStrings
    10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.unpackNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
    • 0x2dbb:$x1: NanoCore.ClientPluginHost
    • 0x2de5:$x2: IClientNetworkHost
    10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.unpackNanocore_RAT_Feb18_1Detects Nanocore RATFlorian Roth
    • 0x2dbb:$x2: NanoCore.ClientPluginHost
    • 0x4c6b:$s4: PipeCreated
    10.2.#RFQ ORDER484475577797.exe.6560000.32.raw.unpackNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
    • 0x16e3:$x1: NanoCore.ClientPluginHost
    • 0x171c:$x2: IClientNetworkHost
    10.2.#RFQ ORDER484475577797.exe.6560000.32.raw.unpackNanocore_RAT_Feb18_1Detects Nanocore RATFlorian Roth
    • 0x16e3:$x2: NanoCore.ClientPluginHost
    • 0x1800:$s4: PipeCreated
    • 0x16fd:$s5: IClientLoggingHost
    10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpackNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
    • 0xb184:$x1: NanoCore.ClientPluginHost
    • 0xb1b1:$x2: IClientNetworkHost
    Click to see the 159 entries

    Sigma Overview

    AV Detection:

    barindex
    Sigma detected: NanoCoreShow sources
    Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe, ProcessId: 1048, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

    E-Banking Fraud:

    barindex
    Sigma detected: NanoCoreShow sources
    Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe, ProcessId: 1048, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

    System Summary:

    barindex
    Sigma detected: Non Interactive PowerShellShow sources
    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe', CommandLine: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe', CommandLine|base64offset|contains: ~2yzw, Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe' , ParentImage: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe, ParentProcessId: 4364, ProcessCommandLine: 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe', ProcessId: 5616

    Stealing of Sensitive Information:

    barindex
    Sigma detected: NanoCoreShow sources
    Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe, ProcessId: 1048, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

    Remote Access Functionality:

    barindex
    Sigma detected: NanoCoreShow sources
    Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe, ProcessId: 1048, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

    Signature Overview

    Click to jump to signature section

    Show All Signature Results

    AV Detection:

    barindex
    Found malware configurationShow sources
    Source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmpMalware Configuration Extractor: NanoCore {"Version": "1.2.2.0", "Mutex": "44a4f7d4-4e07-4399-aab5-6ba6b60e", "Group": "bb", "Domain1": "194.5.98.120", "Domain2": "joseedward5001.ddns.net", "Port": 1604, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}
    Yara detected Nanocore RATShow sources
    Source: Yara matchFile source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.483639790.0000000002BB1000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORY
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPE
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpackAvira: Label: TR/Dropper.MSIL.Gen7
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpackAvira: Label: TR/Dropper.MSIL.Gen7
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpackAvira: Label: TR/NanoCore.fadte
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpackAvira: Label: TR/Dropper.MSIL.Gen7
    Source: #RFQ ORDER484475577797.exeStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE
    Source: #RFQ ORDER484475577797.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
    Source: Binary string: mscorlib.pdbC source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375988604.000000000103C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\symbols\dll\System.pdb*??>' source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375937251.000000000102F000.00000004.00000001.sdmp
    Source: Binary string: mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480095177.000000000105C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375937251.000000000102F000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Documents\Visual Studio 2013\Projects\MyNanoCore RemoteScripting\MyClientPlugin\obj\Debug\MyClientPluginNew.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479561466.0000000000FC3000.00000004.00000020.sdmp
    Source: Binary string: C:\Users\Administrator\Desktop\Client\Temp\zUFaivyCht\src\obj\x86\Debug\GuidStyles.pdb source: #RFQ ORDER484475577797.exe
    Source: Binary string: System.pdbd6R source: #RFQ ORDER484475577797.exe, 0000000A.00000003.292891816.0000000001054000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Documents\Visual Studio 2013\Projects\NanoCoreStressTester\NanoCoreStressTester\obj\Debug\NanoCoreStressTester.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Downloads\NanoCoreSwiss\MyClientPlugin\obj\Debug\MyClientPlugin.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479922631.000000000103C000.00000004.00000001.sdmp
    Source: Binary string: G:\Users\Andy\Documents\Visual Studio 2013\Projects\NanocoreBasicPlugin\NanoCoreBase\obj\Debug\NanoCoreBase.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: P:\Visual Studio Projects\Projects 15\NanoNana\MyClientPlugin\obj\Debug\MyClientPlugin.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Cole\Documents\Visual Studio 2013\Projects\FileBrowserPlugin\FileBrowserClient\obj\Debug\FileBrowserClient.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\System.pdbF` source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479561466.0000000000FC3000.00000004.00000020.sdmp

    Networking:

    barindex
    Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49724 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49725 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49732 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49733 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49734 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49736 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49737 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49739 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49740 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49746 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49747 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49748 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49749 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49752 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49753 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49754 -> 194.5.98.120:1604
    Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49755 -> 194.5.98.120:1604
    C2 URLs / IPs found in malware configurationShow sources
    Source: Malware configuration extractorURLs: 194.5.98.120
    Source: Malware configuration extractorURLs: joseedward5001.ddns.net
    Source: global trafficTCP traffic: 192.168.2.3:49724 -> 194.5.98.120:1604
    Source: Joe Sandbox ViewASN Name: DANILENKODE DANILENKODE
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: unknownTCP traffic detected without corresponding DNS query: 194.5.98.120
    Source: powershell.exe, 00000002.00000002.376360020.0000000000E98000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.257872584.0000000000F23000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://fontfabrik.com
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpString found in binary or memory: http://google.com
    Source: powershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.351711715.0000000007AA7000.00000004.00000001.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmp, powershell.exe, 00000002.00000002.381527007.0000000004981000.00000004.00000001.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
    Source: powershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.396636071.0000000007A98000.00000004.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.carterandcone.coml
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205031179.000000000561E000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/ce
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205395467.00000000055F9000.00000004.00000001.sdmp, #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com4
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.com;
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comF
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comI.TTFu
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comals
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comasv
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comd
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comica
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comitud
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.fontbureau.comsief
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.fonts.com
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.200581068.00000000055FB000.00000004.00000001.sdmpString found in binary or memory: http://www.fonts.comic)
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.202378192.00000000055E7000.00000004.00000001.sdmp, #RFQ ORDER484475577797.exe, 00000000.00000003.202695742.00000000055E6000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.202513228.00000000055E8000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.202378192.00000000055E7000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn3
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.202513228.00000000055E8000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn4
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.202192893.00000000055ED000.00000004.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cnht
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.206661212.00000000055F3000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.206661212.00000000055F3000.00000004.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htmJ
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.goodfont.co.kr
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/)
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/4
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/N
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/P
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/Y0pP
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/het
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/j
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/)
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/4
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/jp/j
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/o
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/siv
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/u
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/uet;
    Source: powershell.exe, 00000002.00000003.350811381.0000000009493000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.256253921.000000000745C000.00000004.00000001.sdmpString found in binary or memory: http://www.microsoft.co
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.199978541.00000000055E3000.00000004.00000001.sdmpString found in binary or memory: http://www.sajatypeworks.com
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.199978541.00000000055E3000.00000004.00000001.sdmpString found in binary or memory: http://www.sajatypeworks.com_
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.sakkal.com
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.sandoll.co.kr
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.tiro.com
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.typography.netD
    Source: #RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpString found in binary or memory: http://www.urwpp.de
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.urwpp.deDPlease
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpString found in binary or memory: http://www.zhongyicts.com.cn
    Source: powershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.351711715.0000000007AA7000.00000004.00000001.sdmpString found in binary or memory: https://github.com/Pester/Pester
    Source: powershell.exe, 00000002.00000003.327034751.000000000533B000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.339252363.0000000004D7F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.342461886.0000000005253000.00000004.00000001.sdmpString found in binary or memory: https://go.micro
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpString found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmpBinary or memory string: RegisterRawInputDevices

    E-Banking Fraud:

    barindex
    Yara detected Nanocore RATShow sources
    Source: Yara matchFile source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.483639790.0000000002BB1000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORY
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPE

    System Summary:

    barindex
    Malicious sample detected (through community Yara rule)Show sources
    Source: 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495585675.00000000065F0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495314337.00000000065A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.495206933.0000000006580000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.495261079.0000000006590000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.495369457.00000000065B0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.495737204.0000000006630000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495530552.00000000065E0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495151540.0000000006570000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.493841988.0000000005430000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.489186804.00000000030DC000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495415659.00000000065C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0000000A.00000002.495101158.0000000006560000.00000004.00000001.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6560000.32.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.6590000.35.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65f4c9f.42.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2bdca0c.3.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.65fe8a4.41.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.5430000.26.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.3108fe8.9.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.2cb27c0.6.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2cb27c0.6.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
    Source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
    Initial sample is a PE file and has a suspicious nameShow sources
    Source: initial sampleStatic PE information: Filename: #RFQ ORDER484475577797.exe
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0249C2B00_2_0249C2B0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_024999700_2_02499970
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087200400_2_08720040
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08720C480_2_08720C48
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087215400_2_08721540
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08722DA80_2_08722DA8
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08721E600_2_08721E60
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872F6580_2_0872F658
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087250780_2_08725078
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087200110_2_08720011
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872C0F00_2_0872C0F0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087260E20_2_087260E2
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087260E80_2_087260E8
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087238900_2_08723890
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087250880_2_08725088
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087291600_2_08729160
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872915A0_2_0872915A
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872A1280_2_0872A128
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087232200_2_08723220
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087253380_2_08725338
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087253280_2_08725328
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087283880_2_08728388
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08722C310_2_08722C31
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08720C390_2_08720C39
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08723C900_2_08723C90
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087255300_2_08725530
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087215300_2_08721530
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087255200_2_08725520
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08724E680_2_08724E68
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08721E500_2_08721E50
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08724E590_2_08724E59
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872A6380_2_0872A638
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08720F780_2_08720F78
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_08720F6A0_2_08720F6A
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087297F00_2_087297F0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0872C7F00_2_0872C7F0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087247E00_2_087247E0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087297EB0_2_087297EB
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_087247D10_2_087247D1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E45AFA00_2_0E45AFA0
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E45B8700_2_0E45B870
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E45D0B80_2_0E45D0B8
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E45AC580_2_0E45AC58
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E4511F00_2_0E4511F0
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_0496CCF02_2_0496CCF0
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_0496E8982_2_0496E898
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_0496E8882_2_0496E888
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_04968BB82_2_04968BB8
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_04968BA82_2_04968BA8
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 10_2_00EFE48010_2_00EFE480
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 10_2_00EFE47110_2_00EFE471
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 10_2_00EFBBD410_2_00EFBBD4
    Source: #RFQ ORDER484475577797.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
    Source: LNSXWuepjsOA.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.253119712.0000000008690000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameDSASignature.dll@ vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.253999898.000000000E100000.00000002.00000001.sdmpBinary or memory string: System.OriginalFileName vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.251898184.00000000070A0000.00000002.00000001.sdmpBinary or memory string: originalfilename vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.251898184.00000000070A0000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamepropsys.dll.mui@ vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 00000000.00000000.197575644.0000000000232000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameGuidStyles.exe. vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000000.224208433.00000000008B2000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameGuidStyles.exe. vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameManagementClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameMyClientPlugin.dll@ vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameNanoCoreStressTester.dll< vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameNetworkClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameSecurityClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameAForge.Video.DirectShow.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameNAudio.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameSurveillanceClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameToolsClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameCoreClientPlugin.dll8 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameNanoCoreBase.dll< vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameMyClientPluginNew.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameFileBrowserClient.dllT vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameMyClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479220342.0000000000F98000.00000004.00000020.sdmpBinary or memory string: OriginalFilenameclr.dllT vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480203396.0000000001090000.00000002.00000001.sdmpBinary or memory string: OriginalFilenameKernelbase.dll.muij% vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameLzma#.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameSurveillanceExClientPlugin.dll4 vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exeBinary or memory string: OriginalFilenameGuidStyles.exe. vs #RFQ ORDER484475577797.exe
    Source: #RFQ ORDER484475577797.exeStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE
    Source: 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495585675.00000000065F0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495585675.00000000065F0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495314337.00000000065A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495314337.00000000065A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.495206933.0000000006580000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495206933.0000000006580000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.495261079.0000000006590000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495261079.0000000006590000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.495369457.00000000065B0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495369457.00000000065B0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.495737204.0000000006630000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495737204.0000000006630000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495530552.00000000065E0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495530552.00000000065E0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495151540.0000000006570000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495151540.0000000006570000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.493841988.0000000005430000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.493841988.0000000005430000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.489186804.00000000030DC000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495415659.00000000065C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495415659.00000000065C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0000000A.00000002.495101158.0000000006560000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0000000A.00000002.495101158.0000000006560000.00000004.00000001.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6560000.32.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6560000.32.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.6590000.35.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6590000.35.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65f4c9f.42.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65f4c9f.42.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65a0000.36.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65e0000.39.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6630000.43.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6570000.33.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65b0000.37.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2bdca0c.3.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2bdca0c.3.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44f6a76.21.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65c0000.38.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c9e150.4.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.44df817.19.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.44e8646.20.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6530000.31.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.30e86dc.8.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.6580000.34.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.65fe8a4.41.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65fe8a4.41.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.5430000.26.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.5430000.26.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.65f0000.40.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.30f4968.7.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.3108fe8.9.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.3108fe8.9.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.2cb27c0.6.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2cb27c0.6.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2cb27c0.6.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.2c91ed4.5.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = https://creativecommons.org/licenses/by-nc/4.0/, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
    Source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = https://creativecommons.org/licenses/by-nc/4.0/
    Source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
    Source: #RFQ ORDER484475577797.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
    Source: LNSXWuepjsOA.exe.0.drStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csCryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'CreateDecryptor'
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'TransformFinalBlock'
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csCryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'CreateDecryptor'
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'TransformFinalBlock'
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Security.Principal.WindowsIdentity System.Security.Principal.WindowsIdentity::GetCurrent()
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Boolean System.Security.Principal.WindowsPrincipal::IsInRole(System.Security.Principal.WindowsBuiltInRole)
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Security.Principal.WindowsIdentity System.Security.Principal.WindowsIdentity::GetCurrent()
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Boolean System.Security.Principal.WindowsPrincipal::IsInRole(System.Security.Principal.WindowsBuiltInRole)
    Source: classification engineClassification label: mal100.troj.evad.winEXE@15/21@0/1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile created: C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exeJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeMutant created: \Sessions\1\BaseNamedObjects\qbdgyRy
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1968:120:WilError_01
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeMutant created: \Sessions\1\BaseNamedObjects\Global\{44a4f7d4-4e07-4399-aab5-6ba6b60e5392}
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5916:120:WilError_01
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5460:120:WilError_01
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4884:120:WilError_01
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile created: C:\Users\user\AppData\Local\Temp\tmp5439.tmpJump to behavior
    Source: #RFQ ORDER484475577797.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Select * from Clientes WHERE id=@id;;
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Select * from Aluguel Erro ao listar Banco sql-Aluguel.INSERT INTO Aluguel VALUES(@clienteID, @data);
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Select * from SecurityLogonType WHERE id=@id;
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Select * from SecurityLogonType WHERE modelo=@modelo;
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: INSERT INTO Itens_Aluguel VALUES(@aluguelID, @aviaoID, @validade);
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Insert into Clientes values (@nome, @cpf, @rg, @cidade, @endereco, @uf, @telefone);
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: INSERT INTO Aluguel VALUES(@clienteID, @data);
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: INSERT INTO SecurityLogonType VALUES(@modelo, @fabricante, @ano, @cor);
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: Select * from SecurityLogonType*Erro ao listar Banco sql-SecurityLogonType,Select * from SecurityLogonType WHERE id=@id;Select * from SecurityLogonType WHERE (modelo LIKE @modelo)
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: <!--StartFragment -->
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: -start_number {0} -i "{1}{2}"
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: <!--StartFragment -->
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: -start_number {0} -i "{1}{2}"
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: <<<<<<<3+<!--StartFragment -->
    Source: #RFQ ORDER484475577797.exeString found in binary or memory: %0{0}d;-start_number {0} -i "{1}{2}"
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile read: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeJump to behavior
    Source: unknownProcess created: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\schtasks.exe 'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp'
    Source: C:\Windows\SysWOW64\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\schtasks.exe 'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe C:\Users\user\Desktop\#RFQ ORDER484475577797.exeJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32Jump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
    Source: #RFQ ORDER484475577797.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
    Source: #RFQ ORDER484475577797.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
    Source: #RFQ ORDER484475577797.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: mscorlib.pdbC source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375988604.000000000103C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\symbols\dll\System.pdb*??>' source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375937251.000000000102F000.00000004.00000001.sdmp
    Source: Binary string: mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480095177.000000000105C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375937251.000000000102F000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Documents\Visual Studio 2013\Projects\MyNanoCore RemoteScripting\MyClientPlugin\obj\Debug\MyClientPluginNew.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479561466.0000000000FC3000.00000004.00000020.sdmp
    Source: Binary string: C:\Users\Administrator\Desktop\Client\Temp\zUFaivyCht\src\obj\x86\Debug\GuidStyles.pdb source: #RFQ ORDER484475577797.exe
    Source: Binary string: System.pdbd6R source: #RFQ ORDER484475577797.exe, 0000000A.00000003.292891816.0000000001054000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Documents\Visual Studio 2013\Projects\NanoCoreStressTester\NanoCoreStressTester\obj\Debug\NanoCoreStressTester.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Liam\Downloads\NanoCoreSwiss\MyClientPlugin\obj\Debug\MyClientPlugin.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479922631.000000000103C000.00000004.00000001.sdmp
    Source: Binary string: G:\Users\Andy\Documents\Visual Studio 2013\Projects\NanocoreBasicPlugin\NanoCoreBase\obj\Debug\NanoCoreBase.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: P:\Visual Studio Projects\Projects 15\NanoNana\MyClientPlugin\obj\Debug\MyClientPlugin.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp
    Source: Binary string: C:\Users\Cole\Documents\Visual Studio 2013\Projects\FileBrowserPlugin\FileBrowserClient\obj\Debug\FileBrowserClient.pdb source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp
    Source: Binary string: \??\C:\Windows\System.pdbF` source: #RFQ ORDER484475577797.exe, 0000000A.00000002.479561466.0000000000FC3000.00000004.00000020.sdmp

    Data Obfuscation:

    barindex
    .NET source code contains potential unpackerShow sources
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs.Net Code: #=q_FL69pQf17BUSAFbWYu1SStMAbdu$R1GJ8VY8UL5_EA= System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqxoz66kOqvxr21iYXZYXWiumy9eZGwFWaiX4C5X8aecUu003d.cs.Net Code: #=qKU0J1fiP8KA33eFK1owekQ== System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs.Net Code: #=q_FL69pQf17BUSAFbWYu1SStMAbdu$R1GJ8VY8UL5_EA= System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqxoz66kOqvxr21iYXZYXWiumy9eZGwFWaiX4C5X8aecUu003d.cs.Net Code: #=qKU0J1fiP8KA33eFK1owekQ== System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_00176946 push es; iretd 0_2_00176993
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_001769E6 push es; iretd 0_2_00176A33
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 0_2_0E451E39 push cs; retf 0_2_0E451E40
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 10_2_007F69E6 push es; iretd 10_2_007F6A33
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeCode function: 10_2_007F6946 push es; iretd 10_2_007F6993
    Source: initial sampleStatic PE information: section name: .text entropy: 7.61659853966
    Source: initial sampleStatic PE information: section name: .text entropy: 7.61659853966
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqJT4I5hOweIku0024xYFEeDszbikglXCuquUdu0024v9AXtyq2nsu003d.csHigh entropy of concatenated method names: '#=qBeOBlH6CwHFnQdZWWBgZ_pemudZ6CfCVcfOQtgpeG$Y=', '#=q5v5cLSMFBaxiTtOEjscx86gN2ozXlfytiL6UmXnyWtg=', '#=q_XA5h2lVGHLcY9dK754wKGrOjAm6aBbwPxcUJXgJThJUz83kMbCL53G5uuOLP6Rq', '#=qIFfr$DrKqIieRc688$vylAlBsEnx9Z3$TxvrDsPURfM=', '#=qejgvNXJQvgM2GomZsygLjreyguSPQ29pQHqjR_a0dWk=', '#=qCGokdf0OOxeMJLDkXSfc3NPmwygIQ29RjKQWj$wbNGB9C1pPgma_891QiNyTRXcA', '#=qDqyUVyJLXCtYqhZ0$opqkomqhUBn2WCeEEvGAXlNQ$I=', '#=qdImPAY1o3YhbLtukwCQ91cISaeIEWRKSYrGZ3dTVnkY=', '#=qza7O1AHrroJC7yRIJz4wINR_Sgo4hDpQrj_OYfIrlJE=', '#=q6Ct3QmvVLFC7my$dL1uEiHGmXJ5qCuK4WIhDwfhPTFs='
    Source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, u0023u003dqWrm21vQ8CBMZP_RBTwpusAu003du003d.csHigh entropy of concatenated method names: '#=qCgU$tDqtOAyz2b$RwfSF7UzBcCAr0rFJWxm16x7Lre0=', '#=qeD3MBfedCIuKIQf9V1u2N3YS4VXE_FOHqw_XAjWtZK8=', '#=q$mvEHEBkZud$AdHPWqsMQnw5Xm5sD4vBSSmqrKuXGOk=', '#=qZaN94n8dM6tBEf$qCdY2kbTZb5BOW8Z134$2tNv7EJs=', '#=qtlZnL8mho$rv1eTFz0Mw9UYFC_yCabEZ0xtVePn6wR5aSHE7ti3UfKg2l7D0_xk8', '#=qVS$QmQjvFfsXSqQAKGSl6HGbkse2SG0XCab4upVjtRJkvhTEk$oIS2I9Zja7id1Q', '#=qxJg7RxTW1v5mnt12xXeJiYJv_bcctbtL2BCD5MjDi45Hlz6t8vwDNTv1Rv7tgIct', '#=qp$ZVC1r9spi890l$D7IwEd3faoKeWHvv42mVq8wIIWM=', '#=qCoWHlVuoVRMkOzC7RZubJCslkxaEWn9yZiIydECf69$ktj0IPD5wAwC2H5Cc8C$L', '#=qqs1moO$mYaS72OXOWe0Z6GycslEb6e9Ipoy7ppW0O5abIp05ajv8doqdJZHlN3cK'
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqJT4I5hOweIku0024xYFEeDszbikglXCuquUdu0024v9AXtyq2nsu003d.csHigh entropy of concatenated method names: '#=qBeOBlH6CwHFnQdZWWBgZ_pemudZ6CfCVcfOQtgpeG$Y=', '#=q5v5cLSMFBaxiTtOEjscx86gN2ozXlfytiL6UmXnyWtg=', '#=q_XA5h2lVGHLcY9dK754wKGrOjAm6aBbwPxcUJXgJThJUz83kMbCL53G5uuOLP6Rq', '#=qIFfr$DrKqIieRc688$vylAlBsEnx9Z3$TxvrDsPURfM=', '#=qejgvNXJQvgM2GomZsygLjreyguSPQ29pQHqjR_a0dWk=', '#=qCGokdf0OOxeMJLDkXSfc3NPmwygIQ29RjKQWj$wbNGB9C1pPgma_891QiNyTRXcA', '#=qDqyUVyJLXCtYqhZ0$opqkomqhUBn2WCeEEvGAXlNQ$I=', '#=qdImPAY1o3YhbLtukwCQ91cISaeIEWRKSYrGZ3dTVnkY=', '#=qza7O1AHrroJC7yRIJz4wINR_Sgo4hDpQrj_OYfIrlJE=', '#=q6Ct3QmvVLFC7my$dL1uEiHGmXJ5qCuK4WIhDwfhPTFs='
    Source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, u0023u003dqWrm21vQ8CBMZP_RBTwpusAu003du003d.csHigh entropy of concatenated method names: '#=qCgU$tDqtOAyz2b$RwfSF7UzBcCAr0rFJWxm16x7Lre0=', '#=qeD3MBfedCIuKIQf9V1u2N3YS4VXE_FOHqw_XAjWtZK8=', '#=q$mvEHEBkZud$AdHPWqsMQnw5Xm5sD4vBSSmqrKuXGOk=', '#=qZaN94n8dM6tBEf$qCdY2kbTZb5BOW8Z134$2tNv7EJs=', '#=qtlZnL8mho$rv1eTFz0Mw9UYFC_yCabEZ0xtVePn6wR5aSHE7ti3UfKg2l7D0_xk8', '#=qVS$QmQjvFfsXSqQAKGSl6HGbkse2SG0XCab4upVjtRJkvhTEk$oIS2I9Zja7id1Q', '#=qxJg7RxTW1v5mnt12xXeJiYJv_bcctbtL2BCD5MjDi45Hlz6t8vwDNTv1Rv7tgIct', '#=qp$ZVC1r9spi890l$D7IwEd3faoKeWHvv42mVq8wIIWM=', '#=qCoWHlVuoVRMkOzC7RZubJCslkxaEWn9yZiIydECf69$ktj0IPD5wAwC2H5Cc8C$L', '#=qqs1moO$mYaS72OXOWe0Z6GycslEb6e9Ipoy7ppW0O5abIp05ajv8doqdJZHlN3cK'
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile created: C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exeJump to dropped file

    Boot Survival:

    barindex
    Uses schtasks.exe or at.exe to add and modify task schedulesShow sources
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\schtasks.exe 'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp'

    Hooking and other Techniques for Hiding and Protection:

    barindex
    Hides that the sample has been downloaded from the Internet (zone.identifier)Show sources
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile opened: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe:Zone.Identifier read attributes | delete
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information set: NOOPENFILEERRORBOX

    Malware Analysis System Evasion:

    barindex
    Yara detected AntiVM3Show sources
    Source: Yara matchFile source: 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 4364, type: MEMORY
    Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)Show sources
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeWMI Queries: IWbemServices::ExecQuery - ROOT\cimv2 : SELECT * FROM Win32_VideoController
    Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: WINE_GET_UNIX_FILE_NAME
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: SBIEDLL.DLL
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0 name: IdentifierJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeFile opened / queried: SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum name: 0Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeThread delayed: delay time: 922337203685477
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6445Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1246Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5640Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1592Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4979Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1975Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeWindow / User API: threadDelayed 4133
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeWindow / User API: threadDelayed 5415
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeWindow / User API: foregroundWindowGot 865
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe TID: 492Thread sleep time: -104116s >= -30000sJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe TID: 5504Thread sleep time: -922337203685477s >= -30000sJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4920Thread sleep time: -11068046444225724s >= -30000sJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 3160Thread sleep count: 5640 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 592Thread sleep count: 1592 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6288Thread sleep count: 60 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1956Thread sleep time: -1844674407370954s >= -30000sJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6156Thread sleep count: 4979 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6284Thread sleep count: 1975 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6372Thread sleep count: 70 > 30Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4804Thread sleep time: -922337203685477s >= -30000sJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe TID: 6524Thread sleep time: -13835058055282155s >= -30000s
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeThread delayed: delay time: 104116Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeThread delayed: delay time: 922337203685477
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.228886588.000000000074C000.00000004.00000001.sdmpBinary or memory string: VMware
    Source: powershell.exe, 00000002.00000003.332663441.00000000051A3000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.339892232.0000000004EB3000.00000004.00000001.sdmpBinary or memory string: Hyper-V
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480203396.0000000001090000.00000002.00000001.sdmpBinary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: vmware
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: l%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: SOFTWARE\VMware, Inc.\VMware Tools
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: VMware SVGA II!Add-MpPreference -ExclusionPath "
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: VMWARE
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.228886588.000000000074C000.00000004.00000001.sdmpBinary or memory string: Win32_VideoController(Standard display types)VMwareLKWLNTHXWin32_VideoControllerY3LRXGNHVideoController120060621000000.000000-000.17.7471display.infMSBDAPHWEDR9KPCI\VEN_15AD&DEV_0405&SUBSYS_040515AD&REV_00\3&61AAA01&0&78OKWin32_ComputerSystemcomputer1280 x 1024 x 4294967296 colorsVATRW578
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480203396.0000000001090000.00000002.00000001.sdmpBinary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480203396.0000000001090000.00000002.00000001.sdmpBinary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: VMware SVGA II
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: vmwareNSYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000
    Source: #RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpBinary or memory string: l"SOFTWARE\VMware, Inc.\VMware Tools
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000003.375937251.000000000102F000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: powershell.exe, 00000002.00000003.332663441.00000000051A3000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.339892232.0000000004EB3000.00000004.00000001.sdmpBinary or memory string: l:C:\Windows\system32\WindowsPowerShell\v1.0\Modules\Hyper-V
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.480203396.0000000001090000.00000002.00000001.sdmpBinary or memory string: An unknown internal message was received by the Hyper-V Compute Service.
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess token adjusted: Debug
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeMemory allocated: page read and write | page guardJump to behavior

    HIPS / PFW / Operating System Protection Evasion:

    barindex
    Adds a directory exclusion to Windows DefenderShow sources
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Injects a PE file into a foreign processesShow sources
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeMemory written: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe base: 400000 value starts with: 4D5AJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\schtasks.exe 'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'Jump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeProcess created: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe C:\Users\user\Desktop\#RFQ ORDER484475577797.exeJump to behavior
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.494744634.00000000061AC000.00000004.00000001.sdmpBinary or memory string: Program Manager0U
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.485887158.0000000002D81000.00000004.00000001.sdmpBinary or memory string: Program Manager
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.482729077.00000000017A0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.482729077.00000000017A0000.00000002.00000001.sdmpBinary or memory string: Progman
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.485362055.0000000002D1D000.00000004.00000001.sdmpBinary or memory string: Program Managerp
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.496240883.0000000006A4A000.00000004.00000001.sdmpBinary or memory string: lProgram Manager0
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpBinary or memory string: Program Managerd+
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.482729077.00000000017A0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.485887158.0000000002D81000.00000004.00000001.sdmpBinary or memory string: Program Manager|$"
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibri.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibril.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\consola.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\consolai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\consolab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\consolaz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguiemj.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALIFR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\CALISTBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\marlett.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Users\user\Desktop\#RFQ ORDER484475577797.exe VolumeInformation
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
    Source: C:\Users\user\Desktop\#RFQ ORDER484475577797.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Stealing of Sensitive Information:

    barindex
    Yara detected Nanocore RATShow sources
    Source: Yara matchFile source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.483639790.0000000002BB1000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORY
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPE

    Remote Access Functionality:

    barindex
    Detected Nanocore RatShow sources
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmpString found in binary or memory: NanoCore.ClientPluginHost
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmpString found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCoreStressTester.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1ClientMainNanoCoreStressTesterClientPluginHTTPFloodSlowLorisSYNFloodTCPNanoCoreStressTester.FloodUDPSendSynCommandHandlerResourcesNanoCoreStressTester.My.ResourcesMySettingsMySettingsPropertyCommandsMethodsMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceNanoCore.ClientPluginHostIClientLoggingHostLoggingHostIClientNetworkHostNetworkHostIClientDataHostDataHostClientGUIDSendCommandparamsInitializePluginNanoCore.ClientPluginIClientNetwork_networkhost_loggingHost_DataHostBuildingHostCacheConnectionFailedhostportConnectionStateChangedconnectedPipeClosedpipeNamePipeCreatedReadPacketStartHostToAttackArrayUploadDataSiteUserAgentRefererValuesGeneratecodelengthSystem.ThreadingThreadThreadsPortToAttackTimeToAttackThreadstoUseThreadsEndedattacksAttackRunningFloodnewHostnewPortnewTimenewThreadslolStopSlowlorisStressThreadStart_floodingJob_floodingThreadSystem.NetIPEndPoint_ipEo_synClassHostIsEnabledPortSuperSynSocketsStartSuperSynStopSuperSynSystem.Net.SocketsSocketClientIPPacketsPacketSizeMaxPacketsStopFloodmPacketspSize_sockipEosuperSynSockets__1IAsyncResultOnConnectarSendFloodingstopHTTPBytesSentSYNConnectionsHTTPDataSentMethodTargetAddressTargetStatusupdateBytesnewSYNFloodHandleDDOSCommandHandleStopCommandSystem.TimersElapsedEventArgsbytesTimerElapsedsourceeHandleHTTPCommandHandleSlowlorisCommandHandleTCPCommandHandleUDPCommandHandleSYNCommandSystem.ResourcesResourceManagerresourceManSystem.GlobalizationCultureInforesourceCultureget_ResourceManagerget_Cultureset_CultureValueCultureSystem.ConfigurationApplicationSettingsBasedefaultInstanceget_DefaultDefaultget_SettingsSettingsEnumvalue__sendStressCommandupdateStatusColumnstopStressCommandHTTPSlowlorisSYNSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerNonUserCodeAttributeDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeExceptionSendToServerProjectDataSetProjectErrorClearProjectErrorTimerNanoCoreIClientNameObjectCollectionget_VariablesGetValueset_Intervalset_EnabledElapsedEventHandleradd_ElapsedParamArrayAttributeRandomGuidStringIsNullOrEmptyArgumentNullExceptionArgumentOutOfRangeExce
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpString found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCoreBase.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1ClientMainNanoCoreBaseClientPluginCommandHandlerResourcesNanoCoreBase.My.ResourcesMySettingsMySettingsPropertyCommandsMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceNanoCore.ClientPluginHostIClientLoggingHostLoggingHostIClientNetworkHostNetworkHostSendCommandparamsInitializePluginNanoCore.ClientPluginIClientNetwork_networkhost_loggingHostBuildingHostCacheConnectionFailedhostportConnectionStateChangedconnectedPipeClosedpipeNamePipeCreatedReadPacketHandleCommandHandleCommandOpenWebsiteHandleCommandMessageBoxSwapMouseButtonfSwapuser32.dllHandleCommandMouseSwapHandleCommandMouseUnswapmciSendStringlpszCommandlpszReturnStringcchReturnLengthhwndCallbackwinmm.dllmciSendStringAHandleCommandCDTrayHandleCommandCDTrayCloseSystem.ResourcesResourceManagerresourceManSystem.GlobalizationCultureInforesourceCultureget_ResourceManagerget_Cultureset_CultureValueCultureSystem.ConfigurationApplicationSettingsBasedefaultInstanceget_DefaultDefaultget_SettingsSettingsEnumvalue__OpenWebsiteMessageBoxCDTrayCDTrayCloseMouseSwapMouseUnswapSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerNonUserCodeAttributeDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeSendToServerParamArrayAttributeStringProcessStartSystem.Windows.FormsDialogResultShowConversionsReferenceEqualsSystem.ReflectionAssemblyget_AssemblyCompilerGeneratedAttributeSettingsBaseSynchronizedNanoCoreBase.Resources.resourcesDebuggableAttributeDebuggingModesCompilationRelaxationsAttributeRuntimeCompatibilityAttributeAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeNanoCoreBase.dll+set CDAudio door open/set CDAudio door closed-NanoCoreBase.Resources3
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpString found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationFileBrowserClient.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1ClientMainFileBrowserClientClientPluginCommandHandlersResourcesFileBrowserClient.My.ResourcesMySettingsMySettingsPropertyFunctionsCommandTypesMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceNanoCore.ClientPluginHostIClientLoggingHostLoggingHostIClientNetworkHostNetworkHostCurrentDirectoryInitializePluginNanoCore.ClientPluginIClientNetwork_loggingHost_networkHostBuildingHostCacheConnectionFailedhostportConnectionStateChangedconnectedPipeClosedpipeNamePipeCreatedReadPacketparamsHandleCreateDirectoryremoteDirHandleDeleteFileremoteFileisDirectoryHandleOpenFileHandleReceiveFilelocalFileHandleRenameFilenewFileNameHandleSetCurrentDirectorypathHandleDeleteHandleDownloadHandleDrivesHandleFilesHandleGetCurrentDirectoryHandleMachineNameHandleOpenHandleSetCurrentDirectoryPacketHandleUploadHandleRenameHandleCreateSendCurrentDirectorySendDrivesSendFileSendFilesSendMachineNameSystem.ResourcesResourceManagerresourceManSystem.GlobalizationCultureInforesourceCultureget_ResourceManagerget_Cultureset_CulturevalueCultureSystem.ConfigurationApplicationSettingsBasedefaultInstanceget_DefaultDefaultget_SettingsSettingsSystem.Collections.GenericList`1RemoteFilesRemoteFoldersRemoteDrivesEnumerateRemoteFilesEnumerateRemoteDrivesLogMessagemessageEnumvalue__MachineNameDrivesFilesGetCurrentDirectorySetCurrentDirectoryDownloadUploadOpenDeleteCreateDirectoryRenameSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerNonUserCodeAttributeDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeEnvironmentSpecialFolderGetFolderPathStringFormatSystem.IODirectoryDirectoryInfoProjectDataExceptionSetProjectErrorClearProjectErrorFileLogClientExceptionProcessStartConvertFromBase64StringWriteAllBytesMoveSendToServerConversionsToBooleanInt32NewLateBindingLateIndexGetEnumeratorEmptyGetEnumeratorget_CurrentTrimConcatMoveNextIDisposableDisposeReadAllBytesToBase64StringIsNullOrEmptyget_MachineNameToUpperget_UserNameReferenceEqualsSystem.ReflectionAssemblyget_AssemblyCompilerGeneratedAttributeSettingsBaseSynchronizedFileInfoFileSystemInfoget_FullNameContainsGetDirectoriesget_NameAddGetF
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpString found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationMyClientPlugin.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1ClientMainMyClientPluginClientPluginMiscCommandHandlerCommandTypeMiscCommandMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceNanoCore.ClientPluginHostIClientLoggingHostLoggingHostInitializePluginNanoCore.ClientPluginIClientNetwork_loggingHostBuildingHostCacheConnectionFailedhostportConnectionStateChangedconnectedPipeClosedpipeNamePipeCreatedReadPacketparamsHandleMiscCommandHandleMiscCommandMessageInterpretRecievedcommandtodoloopkeysEnumvalue__MessageStringExceptionMicrosoft.VisualBasic.CompilerServicesOperatorsCompareStringServerComputerMicrosoft.VisualBasic.MyServicesRegistryProxyget_RegistryMicrosoft.Win32RegistryKeyget_LocalMachineConcatInt32SetValueProjectDataSetProjectErrorClearProjectErrorget_LengthStandardModuleAttributeSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerNonUserCodeAttributeDebuggerHiddenAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeDebuggableAttributeDebuggingModesCompilationRelaxationsAttributeRuntimeCompatibilityAttributeSystem.ReflectionAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeMyClientPlugin.dll'DisableWebcamLights
    Source: #RFQ ORDER484475577797.exe, 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmpString found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCore.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1IClientNetworkNanoCore.ClientPluginIClientDataIClientAppIClientDataHostNanoCore.ClientPluginHostIClientNetworkHostIClientUIHostIClientLoggingHostIClientAppHostIClientNameObjectCollectionNanoCoreIClientReadOnlyNameObjectCollectionClientInvokeDelegateMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceReadPacketpipeNameparamsPipeCreatedPipeClosedConnectionStateChangedconnectedConnectionFailedhostportBuildingHostCacheVariableChangednameClientSettingChangedPluginUninstallingClientUninstallingget_Variablesget_ClientSettingsget_BuilderSettingsVariablesClientSettingsBuilderSettingsget_ConnectedClosePipePipeExistsRebuildHostCacheAddHostEntryDisconnectSendToServercompressConnectedInvokemethodstateLogClientMessagemessageExceptionLogClientExceptionexsiteRestartShutdownDisableProtectionRestoreProtectionUninstallEntryExistsSystem.Collections.GenericKeyValuePair`2GetEntriesGetValuedefaultValueSetValuevalueRemoveValueMulticastDelegateTargetObjectTargetMethodIAsyncResultAsyncCallbackBeginInvokeDelegateCallbackDelegateAsyncStateEndInvokeDelegateAsyncResultSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeParamArrayAttributeCompilationRelaxationsAttributeRuntimeCompatibilityAttributeSystem.ReflectionAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeClientPluginClientPlugin.dll
    Yara detected Nanocore RATShow sources
    Source: Yara matchFile source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.483639790.0000000002BB1000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, type: MEMORY
    Source: Yara matchFile source: Process Memory Space: #RFQ ORDER484475577797.exe PID: 1048, type: MEMORY
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e14629.29.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.400000.0.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.3.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43db548.16.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 0.2.#RFQ ORDER484475577797.exe.3742670.1.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.5e10000.30.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bf9982.11.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42de63d.15.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3bfe7b8.10.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.0.#RFQ ORDER484475577797.exe.400000.1.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.3c02de1.12.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43d6712.18.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4577f69.22.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42d2409.13.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.4573940.24.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.42f2c6a.14.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.43dfb71.17.raw.unpack, type: UNPACKEDPE
    Source: Yara matchFile source: 10.2.#RFQ ORDER484475577797.exe.456eb0a.23.raw.unpack, type: UNPACKEDPE

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    Valid AccountsWindows Management Instrumentation1Scheduled Task/Job1Process Injection112Masquerading1Input Capture11Query Registry1Remote ServicesInput Capture11Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsCommand and Scripting Interpreter2Boot or Logon Initialization ScriptsScheduled Task/Job1Disable or Modify Tools11LSASS MemorySecurity Software Discovery211Remote Desktop ProtocolArchive Collected Data11Exfiltration Over BluetoothNon-Standard Port1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsScheduled Task/Job1Logon Script (Windows)Logon Script (Windows)Virtualization/Sandbox Evasion131Security Account ManagerProcess Discovery2SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationRemote Access Software1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Process Injection112NTDSVirtualization/Sandbox Evasion131Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol1SIM Card SwapCarrier Billing Fraud
    Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptDeobfuscate/Decode Files or Information1LSA SecretsApplication Window Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
    Replication Through Removable MediaLaunchdRc.commonRc.commonHidden Files and Directories1Cached Domain CredentialsFile and Directory Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
    External Remote ServicesScheduled TaskStartup ItemsStartup ItemsObfuscated Files or Information2DCSyncSystem Information Discovery12Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
    Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobSoftware Packing13Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 signatures2 2 Behavior Graph ID: 431672 Sample: #RFQ ORDER484475577797.exe Startdate: 09/06/2021 Architecture: WINDOWS Score: 100 38 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->38 40 Found malware configuration 2->40 42 Malicious sample detected (through community Yara rule) 2->42 44 11 other signatures 2->44 7 #RFQ ORDER484475577797.exe 7 2->7         started        process3 file4 30 C:\Users\user\AppData\...\LNSXWuepjsOA.exe, PE32 7->30 dropped 32 C:\Users\user\AppData\Local\...\tmp5439.tmp, XML 7->32 dropped 46 Adds a directory exclusion to Windows Defender 7->46 48 Injects a PE file into a foreign processes 7->48 11 #RFQ ORDER484475577797.exe 7->11         started        16 powershell.exe 24 7->16         started        18 powershell.exe 24 7->18         started        20 2 other processes 7->20 signatures5 process6 dnsIp7 36 194.5.98.120, 1604, 49724, 49725 DANILENKODE Netherlands 11->36 34 C:\Users\user\AppData\Roaming\...\run.dat, Non-ISO 11->34 dropped 50 Hides that the sample has been downloaded from the Internet (zone.identifier) 11->50 22 conhost.exe 16->22         started        24 conhost.exe 18->24         started        26 conhost.exe 20->26         started        28 conhost.exe 20->28         started        file8 signatures9 process10

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.

    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    No Antivirus matches

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe4%ReversingLabsWin32.Trojan.GenericML

    Unpacked PE Files

    SourceDetectionScannerLabelLinkDownload
    10.2.#RFQ ORDER484475577797.exe.400000.0.unpack100%AviraTR/Dropper.MSIL.Gen7Download File
    10.0.#RFQ ORDER484475577797.exe.400000.3.unpack100%AviraTR/Dropper.MSIL.Gen7Download File
    10.2.#RFQ ORDER484475577797.exe.5e10000.30.unpack100%AviraTR/NanoCore.fadteDownload File
    10.0.#RFQ ORDER484475577797.exe.400000.1.unpack100%AviraTR/Dropper.MSIL.Gen7Download File

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
    http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
    http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
    http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
    http://www.microsoft.co0%URL Reputationsafe
    http://www.microsoft.co0%URL Reputationsafe
    http://www.microsoft.co0%URL Reputationsafe
    http://www.microsoft.co0%URL Reputationsafe
    http://www.tiro.com0%URL Reputationsafe
    http://www.tiro.com0%URL Reputationsafe
    http://www.tiro.com0%URL Reputationsafe
    http://www.tiro.com0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/siv0%Avira URL Cloudsafe
    http://www.jiyu-kobo.co.jp/jp/40%Avira URL Cloudsafe
    http://www.goodfont.co.kr0%URL Reputationsafe
    http://www.goodfont.co.kr0%URL Reputationsafe
    http://www.goodfont.co.kr0%URL Reputationsafe
    http://www.fontbureau.comI.TTFu0%Avira URL Cloudsafe
    http://www.sajatypeworks.com0%URL Reputationsafe
    http://www.sajatypeworks.com0%URL Reputationsafe
    http://www.sajatypeworks.com0%URL Reputationsafe
    http://www.founder.com.cn/cnht0%URL Reputationsafe
    http://www.founder.com.cn/cnht0%URL Reputationsafe
    http://www.founder.com.cn/cnht0%URL Reputationsafe
    http://www.typography.netD0%URL Reputationsafe
    http://www.typography.netD0%URL Reputationsafe
    http://www.typography.netD0%URL Reputationsafe
    http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
    http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
    http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
    http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
    http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
    http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
    http://fontfabrik.com0%URL Reputationsafe
    http://fontfabrik.com0%URL Reputationsafe
    http://fontfabrik.com0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/40%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/40%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/40%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/uet;0%Avira URL Cloudsafe
    http://www.fontbureau.comasv0%Avira URL Cloudsafe
    http://www.fontbureau.com40%Avira URL Cloudsafe
    http://www.jiyu-kobo.co.jp/jp/j0%Avira URL Cloudsafe
    http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
    http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
    http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
    http://www.galapagosdesign.com/staff/dennis.htmJ0%Avira URL Cloudsafe
    http://www.jiyu-kobo.co.jp/)0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/)0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/)0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/Y00%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/Y00%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/Y00%URL Reputationsafe
    http://www.fontbureau.com;0%Avira URL Cloudsafe
    http://www.sajatypeworks.com_0%Avira URL Cloudsafe
    http://www.sandoll.co.kr0%URL Reputationsafe
    http://www.sandoll.co.kr0%URL Reputationsafe
    http://www.sandoll.co.kr0%URL Reputationsafe
    http://www.urwpp.deDPlease0%URL Reputationsafe
    http://www.urwpp.deDPlease0%URL Reputationsafe
    http://www.urwpp.deDPlease0%URL Reputationsafe
    http://www.urwpp.de0%URL Reputationsafe
    http://www.urwpp.de0%URL Reputationsafe
    http://www.urwpp.de0%URL Reputationsafe
    http://www.zhongyicts.com.cn0%URL Reputationsafe
    http://www.zhongyicts.com.cn0%URL Reputationsafe
    http://www.zhongyicts.com.cn0%URL Reputationsafe
    http://www.sakkal.com0%URL Reputationsafe
    http://www.sakkal.com0%URL Reputationsafe
    http://www.sakkal.com0%URL Reputationsafe
    http://www.galapagosdesign.com/0%URL Reputationsafe
    http://www.galapagosdesign.com/0%URL Reputationsafe
    http://www.galapagosdesign.com/0%URL Reputationsafe
    http://www.fontbureau.comF0%URL Reputationsafe
    http://www.fontbureau.comF0%URL Reputationsafe
    http://www.fontbureau.comF0%URL Reputationsafe
    http://www.fonts.comic)0%Avira URL Cloudsafe
    http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
    http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
    http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
    https://go.micro0%URL Reputationsafe
    https://go.micro0%URL Reputationsafe
    https://go.micro0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/P0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/P0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/P0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/N0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/N0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/N0%URL Reputationsafe
    194.5.98.1200%Avira URL Cloudsafe
    http://www.fontbureau.comica0%Avira URL Cloudsafe
    http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
    http://www.jiyu-kobo.co.jp/jp/0%URL Reputationsafe
    joseedward5001.ddns.net0%Avira URL Cloudsafe
    http://www.fontbureau.comd0%URL Reputationsafe
    http://www.fontbureau.comd0%URL Reputationsafe
    http://www.fontbureau.comd0%URL Reputationsafe
    http://www.carterandcone.coml0%URL Reputationsafe
    http://www.carterandcone.coml0%URL Reputationsafe

    Domains and IPs

    Contacted Domains

    No contacted domains info

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    194.5.98.120true
    • Avira URL Cloud: safe
    		unknown
    joseedward5001.ddns.nettrue
    • Avira URL Cloud: safe
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://www.fontbureau.com/designersG#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
      		high
      http://www.fontbureau.com/designers/?#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
        		high
        http://www.founder.com.cn/cn/bThe#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
        • URL Reputation: safe
        • URL Reputation: safe
        • URL Reputation: safe
        • URL Reputation: safe
        		unknown
        http://www.fontbureau.com/designers?#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
          		high
          http://www.microsoft.copowershell.exe, 00000002.00000003.350811381.0000000009493000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.256253921.000000000745C000.00000004.00000001.sdmpfalse
          • URL Reputation: safe
          • URL Reputation: safe
          • URL Reputation: safe
          • URL Reputation: safe
          		unknown
          http://www.tiro.com#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
          • URL Reputation: safe
          • URL Reputation: safe
          • URL Reputation: safe
          • URL Reputation: safe
          		unknown
          http://www.jiyu-kobo.co.jp/siv#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
          • Avira URL Cloud: safe
          		unknown
          http://www.fontbureau.com/designers#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
            		high
            http://www.jiyu-kobo.co.jp/jp/4#RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            http://www.goodfont.co.kr#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
            • URL Reputation: safe
            • URL Reputation: safe
            • URL Reputation: safe
            		unknown
            https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css#RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmpfalse
              		high
              http://www.fontbureau.com/designers/ce#RFQ ORDER484475577797.exe, 00000000.00000003.205031179.000000000561E000.00000004.00000001.sdmpfalse
                		high
                http://www.fontbureau.comI.TTFu#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.sajatypeworks.com#RFQ ORDER484475577797.exe, 00000000.00000003.199978541.00000000055E3000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.founder.com.cn/cnht#RFQ ORDER484475577797.exe, 00000000.00000003.202192893.00000000055ED000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.typography.netD#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.founder.com.cn/cn/cThe#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.galapagosdesign.com/staff/dennis.htm#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://fontfabrik.com#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.jiyu-kobo.co.jp/4#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.jiyu-kobo.co.jp/uet;#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.fontbureau.comasv#RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.fontbureau.com4#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.jiyu-kobo.co.jp/jp/j#RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.galapagosdesign.com/DPlease#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.galapagosdesign.com/staff/dennis.htmJ#RFQ ORDER484475577797.exe, 00000000.00000003.206661212.00000000055F3000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://www.jiyu-kobo.co.jp/)#RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.jiyu-kobo.co.jp/Y0#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                • URL Reputation: safe
                • URL Reputation: safe
                • URL Reputation: safe
                		unknown
                http://www.fontbureau.com;#RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		low
                http://www.sajatypeworks.com_#RFQ ORDER484475577797.exe, 00000000.00000003.199978541.00000000055E3000.00000004.00000001.sdmpfalse
                • Avira URL Cloud: safe
                		low
                http://www.fonts.com#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                  		high
                  http://www.sandoll.co.kr#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.urwpp.deDPlease#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.urwpp.de#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://www.zhongyicts.com.cn#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name#RFQ ORDER484475577797.exe, 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmp, powershell.exe, 00000002.00000002.381527007.0000000004981000.00000004.00000001.sdmpfalse
                    		high
                    http://www.sakkal.com#RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpfalse
                    • URL Reputation: safe
                    • URL Reputation: safe
                    • URL Reputation: safe
                    		unknown
                    http://www.apache.org/licenses/LICENSE-2.0#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                      		high
                      http://www.fontbureau.com#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                        		high
                        http://www.galapagosdesign.com/#RFQ ORDER484475577797.exe, 00000000.00000003.206661212.00000000055F3000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.fontbureau.comF#RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.fonts.comic)#RFQ ORDER484475577797.exe, 00000000.00000003.200581068.00000000055FB000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.351711715.0000000007AA7000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.396636071.0000000007A98000.00000004.00000001.sdmpfalse
                          		high
                          https://go.micropowershell.exe, 00000002.00000003.327034751.000000000533B000.00000004.00000001.sdmp, powershell.exe, 00000004.00000003.339252363.0000000004D7F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.342461886.0000000005253000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/P#RFQ ORDER484475577797.exe, 00000000.00000003.204321884.00000000055E5000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/N#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.comica#RFQ ORDER484475577797.exe, 00000000.00000003.224915984.00000000055E0000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.jiyu-kobo.co.jp/jp/#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          http://www.fontbureau.comd#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          https://github.com/Pester/Pesterpowershell.exe, 00000002.00000003.333673161.0000000007B8F000.00000004.00000001.sdmp, powershell.exe, 00000008.00000003.351711715.0000000007AA7000.00000004.00000001.sdmpfalse
                            		high
                            http://www.carterandcone.coml#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.founder.com.cn/cn/#RFQ ORDER484475577797.exe, 00000000.00000003.202513228.00000000055E8000.00000004.00000001.sdmpfalse
                            • URL Reputation: safe
                            • URL Reputation: safe
                            • URL Reputation: safe
                            		unknown
                            http://www.fontbureau.com/designers/cabarga.htmlN#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                              		high
                              http://www.founder.com.cn/cn#RFQ ORDER484475577797.exe, 00000000.00000003.202378192.00000000055E7000.00000004.00000001.sdmp, #RFQ ORDER484475577797.exe, 00000000.00000003.202695742.00000000055E6000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              http://www.fontbureau.com/designers/frere-jones.html#RFQ ORDER484475577797.exe, 00000000.00000003.205395467.00000000055F9000.00000004.00000001.sdmp, #RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                                		high
                                http://www.jiyu-kobo.co.jp/u#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                http://www.jiyu-kobo.co.jp/het#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.jiyu-kobo.co.jp/o#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                http://www.jiyu-kobo.co.jp/jp/)#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.founder.com.cn/cn3#RFQ ORDER484475577797.exe, 00000000.00000003.202378192.00000000055E7000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.jiyu-kobo.co.jp/#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                http://www.founder.com.cn/cn4#RFQ ORDER484475577797.exe, 00000000.00000003.202513228.00000000055E8000.00000004.00000001.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.fontbureau.com/designers8#RFQ ORDER484475577797.exe, 00000000.00000002.249815358.00000000067F2000.00000004.00000001.sdmpfalse
                                  		high
                                  http://www.jiyu-kobo.co.jp/j#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.fontbureau.comals#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.jiyu-kobo.co.jp/Y0pP#RFQ ORDER484475577797.exe, 00000000.00000003.203771830.00000000055E5000.00000004.00000001.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.fontbureau.comsief#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.fontbureau.comitud#RFQ ORDER484475577797.exe, 00000000.00000003.205873226.00000000055E5000.00000004.00000001.sdmpfalse
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  • URL Reputation: safe
                                  		unknown

                                  Contacted IPs

                                  • No. of IPs < 25%
                                  • 25% < No. of IPs < 50%
                                  • 50% < No. of IPs < 75%
                                  • 75% < No. of IPs

                                  Public

                                  IPDomainCountryFlagASNASN NameMalicious
                                  194.5.98.120
                                  		unknownNetherlands
                                  		208476DANILENKODEtrue

                                  General Information

                                  Joe Sandbox Version:32.0.0 Black Diamond
                                  Analysis ID:431672
                                  Start date:09.06.2021
                                  Start time:06:00:18
                                  Joe Sandbox Product:CloudBasic
                                  Overall analysis duration:0h 10m 51s
                                  Hypervisor based Inspection enabled:false
                                  Report type:full
                                  Sample file name:#RFQ ORDER484475577797.exe
                                  Cookbook file name:default.jbs
                                  Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                  Number of analysed new started processes analysed:33
                                  Number of new started drivers analysed:0
                                  Number of existing processes analysed:0
                                  Number of existing drivers analysed:0
                                  Number of injected processes analysed:0
                                  Technologies:
                                  • HCA enabled
                                  • EGA enabled
                                  • HDC enabled
                                  • AMSI enabled
                                  Analysis Mode:default
                                  Analysis stop reason:Timeout
                                  Detection:MAL
                                  Classification:mal100.troj.evad.winEXE@15/21@0/1
                                  EGA Information:Failed
                                  HDC Information:
                                  • Successful, ratio: 0.1% (good quality ratio 0.1%)
                                  • Quality average: 43.8%
                                  • Quality standard deviation: 34.6%
                                  HCA Information:
                                  • Successful, ratio: 96%
                                  • Number of executed functions: 95
                                  • Number of non-executed functions: 29
                                  Cookbook Comments:
                                  • Adjust boot time
                                  • Enable AMSI
                                  • Found application associated with file extension: .exe
                                  Warnings:
                                  Show All
                                  • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
                                  • Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, WmiPrvSE.exe, svchost.exe, UsoClient.exe
                                  • Not all processes where analyzed, report is missing behavior information
                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                  • Report size exceeded maximum capacity and may have missing network information.
                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                  • Report size getting too big, too many NtQueryValueKey calls found.

                                  Simulations

                                  Behavior and APIs

                                  TimeTypeDescription
                                  06:01:10API Interceptor968x Sleep call for process: #RFQ ORDER484475577797.exe modified
                                  06:01:50API Interceptor97x Sleep call for process: powershell.exe modified

                                  Joe Sandbox View / Context

                                  IPs

                                  MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                  194.5.98.120Purchase_Order_Form_4667ROO3.exeGet hashmaliciousBrowse
                                    IMG-06-05-345678909876543.exeGet hashmaliciousBrowse

                                      Domains

                                      No context

                                      ASN

                                      MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                      DANILENKODEb6yzWugw8V.exeGet hashmaliciousBrowse
                                      • 194.5.98.107
                                      0041#Receipt.pif.exeGet hashmaliciousBrowse
                                      • 194.5.98.180
                                      j07ghiByDq.exeGet hashmaliciousBrowse
                                      • 194.5.97.146
                                      j07ghiByDq.exeGet hashmaliciousBrowse
                                      • 194.5.97.146
                                      PROOF OF PAYMENT.exeGet hashmaliciousBrowse
                                      • 194.5.97.18
                                      SecuriteInfo.com.Trojan.PackedNET.820.24493.exeGet hashmaliciousBrowse
                                      • 194.5.97.61
                                      DHL_file.exeGet hashmaliciousBrowse
                                      • 194.5.98.145
                                      BBS FX.xlsxGet hashmaliciousBrowse
                                      • 194.5.97.61
                                      GpnPv433gb.exeGet hashmaliciousBrowse
                                      • 194.5.98.11
                                      Kj7tTd1Zimp0ciI.exeGet hashmaliciousBrowse
                                      • 194.5.97.197
                                      Resume.exeGet hashmaliciousBrowse
                                      • 194.5.98.8
                                      SecuriteInfo.com.Trojan.DownLoader39.38629.28832.exeGet hashmaliciousBrowse
                                      • 194.5.98.145
                                      SecuriteInfo.com.Variant.Razy.840898.18291.exeGet hashmaliciousBrowse
                                      • 194.5.98.144
                                      8LtwhjD2Qm.exeGet hashmaliciousBrowse
                                      • 194.5.98.107
                                      Receiptn.exeGet hashmaliciousBrowse
                                      • 194.5.98.180
                                      soa5.exeGet hashmaliciousBrowse
                                      • 194.5.98.48
                                      soa5.exeGet hashmaliciousBrowse
                                      • 194.5.98.48
                                      68Aj4oxPok.exeGet hashmaliciousBrowse
                                      • 194.5.98.144
                                      Ysur2E8xPs.exeGet hashmaliciousBrowse
                                      • 194.5.97.61
                                      HI4B6mZPHx.exeGet hashmaliciousBrowse
                                      • 194.5.98.55

                                      JA3 Fingerprints

                                      No context

                                      Dropped Files

                                      No context

                                      Created / dropped Files

                                      C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\#RFQ ORDER484475577797.exe.log
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:ASCII text, with CRLF line terminators
                                      Category:modified
                                      Size (bytes):1406
                                      Entropy (8bit):5.341099307467139
                                      Encrypted:false
                                      SSDEEP:24:MLU84jE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4sAmER:MgvjHK5HKXE1qHiYHKhQnoPtHoxHhAHg
                                      MD5:E5FA1A53BA6D70E18192AF6AF7CFDBFA
                                      SHA1:1C076481F11366751B8DA795C98A54DE8D1D82D5
                                      SHA-256:1D7BAA6D3EB5A504FD4652BC01A0864DEE898D35D9E29D03EB4A60B0D6405D83
                                      SHA-512:77850814E24DB48E3DDF9DF5B6A8110EE1A823BAABA800F89CD353EAC7F72E48B13F3F4A4DC8E5F0FAA707A7F14ED90577CF1CB106A0422F0BEDD1EFD2E940E4
                                      Malicious:false
                                      Reputation:moderate, very likely benign file
                                      Preview: 1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a
                                      C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:data
                                      Category:dropped
                                      Size (bytes):14734
                                      Entropy (8bit):4.993014478972177
                                      Encrypted:false
                                      SSDEEP:384:cBVoGIpN6KQkj2Wkjh4iUxtaKdROdBLNXp5nYoGib4J:cBV3IpNBQkj2Lh4iUxtaKdROdBLNZBYH
                                      MD5:8D5E194411E038C060288366D6766D3D
                                      SHA1:DC1A8229ED0B909042065EA69253E86E86D71C88
                                      SHA-256:44EEE632DEDFB83A545D8C382887DF3EE7EF551F73DD55FEDCDD8C93D390E31F
                                      SHA-512:21378D13D42FBFA573DE91C1D4282B03E0AA1317B0C37598110DC53900C6321DB2B9DF27B2816D6EE3B3187E54BF066A96DB9EC1FF47FF86FEA36282AB906367
                                      Malicious:false
                                      Reputation:moderate, very likely benign file
                                      Preview: PSMODULECACHE......<.e...Y...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........<.e...T...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1*.......Install-Script........Save-Module........Publish-Module........Find-Module........Download-Package........Update-Module....
                                      C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:data
                                      Category:dropped
                                      Size (bytes):22432
                                      Entropy (8bit):5.601026317548112
                                      Encrypted:false
                                      SSDEEP:384:BtCDFL9zhSggIRkGnTnRel4KnOsIiP7Y9gFSJUeRe1BMrmKZ1AV7nD2He64I+qzg:KkG+4KOsdrFXeNT4e4V
                                      MD5:D441FECFBC90075FAD33775038F0095C
                                      SHA1:55927F378AE17EC0A7DF2DDAE83D7848FB2F041B
                                      SHA-256:293AC01B9F1A15C9CCE0E416EE3DF851C39475E82DE6014A22847EB21BF28068
                                      SHA-512:027A8FFD08983312AB767AE0537D800E890ECB4F71423231AE98A487D3A38526455C9B3FB6945421A3830AA5C1DE484AF3A8E961845B6DE104A0CEC780EC534C
                                      Malicious:false
                                      Reputation:low
                                      Preview: @...e...................................X............@..........H...............<@.^.L."My...:P..... .Microsoft.PowerShell.ConsoleHostD...............fZve...F.....x.)........System.Management.Automation4...............[...{a.C..%6..h.........System.Core.0...............G-.o...A...4B..........System..4................Zg5..:O..g..q..........System.Xml..L...............7.....J@......~.......#.Microsoft.Management.Infrastructure.8................'....L..}............System.Numerics.@................Lo...QN......<Q........System.DirectoryServices<................H..QN.Y.f............System.Management...4....................].D.E.....#.......System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<.................~.[L.D.Z.>..m.........System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5tg0nxmy.vv5.psm1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a4oghqwf.k1g.ps1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hjifbzqp.is4.psm1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ugjy2ffl.kar.ps1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xagkqtsl.tds.ps1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zpenzzls.5ci.psm1
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:very short file (no magic)
                                      Category:dropped
                                      Size (bytes):1
                                      Entropy (8bit):0.0
                                      Encrypted:false
                                      SSDEEP:3:U:U
                                      MD5:C4CA4238A0B923820DCC509A6F75849B
                                      SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                      SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                      SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                      Malicious:false
                                      Preview: 1
                                      C:\Users\user\AppData\Local\Temp\tmp5439.tmp
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                      Category:dropped
                                      Size (bytes):1645
                                      Entropy (8bit):5.19563600381544
                                      Encrypted:false
                                      SSDEEP:24:2dH4+SEqC/Q7hxlNMFp1/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBatn:cbh47TlNQ//rydbz9I3YODOLNdq3+
                                      MD5:9446876F31244201872510015A7EA95E
                                      SHA1:CB825B2C983C682796CF98AAB272F0ADEC79F18D
                                      SHA-256:CD02449A4809FA4ED344985993AA17AB08E25B76F70C75B84FEC26BEFA36B8B5
                                      SHA-512:2639393CDE51B79BA31DD5666E341A14AD76DED15E169BF98A517DFDC0E34AFBD792F819D7EE1A51F6281FD482DFFF85B31929A5094CF6A84B98AC69EB90A768
                                      Malicious:true
                                      Preview: <?xml version="1.0" encoding="UTF-16"?>..<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">.. <RegistrationInfo>.. <Date>2014-10-25T14:27:44.8929027</Date>.. <Author>computer\user</Author>.. </RegistrationInfo>.. <Triggers>.. <LogonTrigger>.. <Enabled>true</Enabled>.. <UserId>computer\user</UserId>.. </LogonTrigger>.. <RegistrationTrigger>.. <Enabled>false</Enabled>.. </RegistrationTrigger>.. </Triggers>.. <Principals>.. <Principal id="Author">.. <UserId>computer\user</UserId>.. <LogonType>InteractiveToken</LogonType>.. <RunLevel>LeastPrivilege</RunLevel>.. </Principal>.. </Principals>.. <Settings>.. <MultipleInstancesPolicy>StopExisting</MultipleInstancesPolicy>.. <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>.. <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>.. <AllowHardTerminate>false</AllowHardTerminate>.. <StartWhenAvailable>true
                                      C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\catalog.dat
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:data
                                      Category:dropped
                                      Size (bytes):3480
                                      Entropy (8bit):7.024371743172393
                                      Encrypted:false
                                      SSDEEP:96:flC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC0IlC08:f8L8L8L8L8L8L8L8L8L8L8L8L8L8L8r
                                      MD5:E1AFCDE67424226B8B4FC4209A77391C
                                      SHA1:B66E69ED31F39B8B0EFB652C514C43BCB42B5D28
                                      SHA-256:72826C35B0442BC1ACA3EE1C0CAA2DE87A694FC344BBF47A853082D26D6906F8
                                      SHA-512:313502CC6AF6482EF66C3CC10A65CBC60DBCF4C5EA4DA344833198902EE08996175FA60B12D05E7B5B887E08341B0468D47CD4CC578DF5D265E70CDE4F33F3D5
                                      Malicious:false
                                      Preview: Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.....@.3..{...grv+V...B.......].P...W.4C}uL.....s~..F...}......E......E...6E.....{...{.yS...7..".hK.!.x.2..i..zJ... ....f..?._....0.:e[7w{1.!.4.....&.Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.....@.3..{...grv+V...B.......].P...W.4C}uL.....s~..F...}......E......E...6E.....{...{.yS...7..".hK.!.x.2..i..zJ... ....f..?._....0.:e[7w{1.!.4.....&.Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.....@.3..{...grv+V...B.......].P...W.4C}uL.....s~..F...}......E......E...6E.....{...{.yS...7..".hK.!.x.2..i..zJ... ....f..?._....0.:e[7w{1.!.4.....&.Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.....@.3..{...grv+V...B.......].P...W.4C}uL.....s~..F...}......E......E...6E.....{...{.yS...7..".hK.!.x.2..i..zJ... ....f..?._....0.:e[7w{1.!.4.....&.Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.
                                      C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:Non-ISO extended-ASCII text, with no line terminators
                                      Category:dropped
                                      Size (bytes):8
                                      Entropy (8bit):3.0
                                      Encrypted:false
                                      SSDEEP:3:M:M
                                      MD5:94F847755D0DE54CF6CA9961C9C969EE
                                      SHA1:B63BC791DB5FDE76F962C652F651E4461B797BED
                                      SHA-256:071211A30D041059B4C4E674D2F22C953645E3FE5C09171202CE1B5267D36870
                                      SHA-512:957E701B2177E95E41722AAF63F5AFA480C8363681865AA0540DAD2937F48C3D74E8E0E43253EDC9AB95D8236E3110FD57961D4E6AE73EC082BFD67F5687BA3B
                                      Malicious:true
                                      Preview: .].F+.H
                                      C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                      Category:dropped
                                      Size (bytes):800768
                                      Entropy (8bit):7.563112762527505
                                      Encrypted:false
                                      SSDEEP:12288:qB4w15tyPvHv4nO1eklMV40J4o9MBfpXjgp6PSPxM6Grfs768VN21zX4y8:qY4O1ekULCXgp6PSPxMtE768VN2J
                                      MD5:18E38261E8EA6AE0077C5448F809CCB6
                                      SHA1:BBFAF42987014BA9571C75D1982843D7AD7155AC
                                      SHA-256:3CB5C285D5E7F163C9764EF3E99467F5460B7F704C996FFA8E5E2982A2A86693
                                      SHA-512:8E2FFA93BFDCA6E2B4A362FA85A21963A5C7425DC37C82D0259F522289EC4CFF515DB5899C03887FC0B0F83F4947BFBB97F509C2AC0806F38EBAD2AC46B9A3FB
                                      Malicious:true
                                      Antivirus:
                                      • Antivirus: ReversingLabs, Detection: 4%
                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....!.`..............P......N........... ... ....@.. ....................................@.................................h...O.... ..hK..........................0................................................ ............... ..H............text........ ...................... ..`.rsrc...hK... ...L..................@..@.reloc...............6..............@..B........................H...........d<..........x...."...........................................0............(....( .........(.....o!....*.....................("......(#......($......(%......(&....*N..(....oS...('....*&..((....*.s)........s*........s+........s,........s-........*....0...........~....o.....+..*.0...........~....o/....+..*.0...........~....o0....+..*.0...........~....o1....+..*.0...........~....o2....+..*..(3...*6..o4...(5...*&...o6...*.0..............,...+...(7...s8.....*&..(3....*.
                                      C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe:Zone.Identifier
                                      Process:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      File Type:ASCII text, with CRLF line terminators
                                      Category:dropped
                                      Size (bytes):26
                                      Entropy (8bit):3.95006375643621
                                      Encrypted:false
                                      SSDEEP:3:ggPYV:rPYV
                                      MD5:187F488E27DB4AF347237FE461A079AD
                                      SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                      SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                      SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                      Malicious:false
                                      Preview: [ZoneTransfer]....ZoneId=0
                                      C:\Users\user\Documents\20210609\PowerShell_transcript.138727.QzgMIEIQ.20210609060115.txt
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                      Category:dropped
                                      Size (bytes):5797
                                      Entropy (8bit):5.415713008653414
                                      Encrypted:false
                                      SSDEEP:96:BZ+hENktqDo1ZzZ3PhENktqDo1ZddsWUjZrhENktqDo1Z7BEEFZy:S
                                      MD5:CA824DEAD6121491D79217A2C39FD399
                                      SHA1:73BCD105A1A14FCF1C1A4EDC38D649DA14D553AC
                                      SHA-256:43ECA14E267592783142ED5926C122025770383F743E346BD2D9D64AEA5A87EF
                                      SHA-512:4B1EC19081DAAB57743D001801B43ECD5A7D4CA74750C448B5853D577E49C065EE64F05637221BCE1F489A0B080B7EE86E119B39FD32C0A5340728E41837D165
                                      Malicious:false
                                      Preview: .**********************..Windows PowerShell transcript start..Start time: 20210609060141..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 138727 (Microsoft Windows NT 10.0.17134.0)..Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe..Process ID: 6052..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20210609060141..**********************..PS>Add-MpPreference -ExclusionPath C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe..**********************..Windows PowerShell transcript start..Start time: 20210609060805..Username: computer\user..RunAs User: computer\
                                      C:\Users\user\Documents\20210609\PowerShell_transcript.138727.X6ZuAXXc.20210609060117.txt
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                      Category:dropped
                                      Size (bytes):5797
                                      Entropy (8bit):5.417979553216565
                                      Encrypted:false
                                      SSDEEP:96:BZ4hENmyqDo1Z4ZlhENmyqDo1ZxsWUjZ/hENmyqDo1ZkBEEhZa:oFz2
                                      MD5:5A7AD0849A4D8940ECB0224D99ED685F
                                      SHA1:BEFB48FDC96A6843CFDBEAB178B4ABAFF24440CF
                                      SHA-256:FDF27A85345399236C5F8069C8071016A0FCA637B4FBAFB49D1F88DCE305A73A
                                      SHA-512:0E0765D188913C6A020A32490E71621DE1B43820F5701D30DA838F6456EF5D448F862F1F958DFAE9A836D1CBDE503162A322015E6887035E5D1C14600F9050AF
                                      Malicious:false
                                      Preview: .**********************..Windows PowerShell transcript start..Start time: 20210609060143..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 138727 (Microsoft Windows NT 10.0.17134.0)..Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe..Process ID: 3292..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20210609060144..**********************..PS>Add-MpPreference -ExclusionPath C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe..**********************..Windows PowerShell transcript start..Start time: 20210609060656..Username: computer\user..RunAs User: computer\
                                      C:\Users\user\Documents\20210609\PowerShell_transcript.138727.sxkKCi0R.20210609060114.txt
                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                      Category:dropped
                                      Size (bytes):3587
                                      Entropy (8bit):5.41331628562482
                                      Encrypted:false
                                      SSDEEP:96:BZahENfeqDo1ZlOhZchENfeqDo1ZWqHBW0cBW0cBW0UZn:nk2GWFWFWl
                                      MD5:5CA658B9BC39C8A62F3C84EDB61C78AA
                                      SHA1:4975C9EC7BD674BEF41B9B330E4419DCCD4C4A94
                                      SHA-256:D444FE345A5D102C2962A23E9DB454FE43FC90945C5F16EA144961C549B445CA
                                      SHA-512:E95C7BD3A3982E643E6752D954905B17CCE040EA64C8C6581DF9F53B64ECD87BE194BE3ABE31A98C9E8F5A9F2B6F102F770817C9C1B303588F8082FF4D7EE602
                                      Malicious:false
                                      Preview: .**********************..Windows PowerShell transcript start..Start time: 20210609060134..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 138727 (Microsoft Windows NT 10.0.17134.0)..Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath C:\Users\user\Desktop\#RFQ ORDER484475577797.exe..Process ID: 5616..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20210609060135..**********************..PS>Add-MpPreference -ExclusionPath C:\Users\user\Desktop\#RFQ ORDER484475577797.exe..**********************..Command start time: 20210609060424..**********************..PS>TerminatingError(Add-MpPreference): "A positional parameter

                                      Static File Info

                                      General

                                      File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                      Entropy (8bit):7.563112762527505
                                      TrID:
                                      • Win32 Executable (generic) Net Framework (10011505/4) 49.80%
                                      • Win32 Executable (generic) a (10002005/4) 49.75%
                                      • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                      • Windows Screen Saver (13104/52) 0.07%
                                      • Generic Win/DOS Executable (2004/3) 0.01%
                                      File name:#RFQ ORDER484475577797.exe
                                      File size:800768
                                      MD5:18e38261e8ea6ae0077c5448f809ccb6
                                      SHA1:bbfaf42987014ba9571c75d1982843d7ad7155ac
                                      SHA256:3cb5c285d5e7f163c9764ef3e99467f5460b7f704c996ffa8e5e2982a2a86693
                                      SHA512:8e2ffa93bfdca6e2b4a362fa85a21963a5c7425dc37c82d0259f522289ec4cff515db5899c03887fc0b0f83f4947bfbb97f509c2ac0806f38ebad2ac46b9a3fb
                                      SSDEEP:12288:qB4w15tyPvHv4nO1eklMV40J4o9MBfpXjgp6PSPxM6Grfs768VN21zX4y8:qY4O1ekULCXgp6PSPxMtE768VN2J
                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....!.`..............P......N........... ... ....@.. ....................................@................................

                                      File Icon

                                      Icon Hash:b6f8c8dccce06110

                                      Static PE Info

                                      General

                                      Entrypoint:0x4c07ba
                                      Entrypoint Section:.text
                                      Digitally signed:false
                                      Imagebase:0x400000
                                      Subsystem:windows gui
                                      Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                                      DLL Characteristics:NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                                      Time Stamp:0x60C021FC [Wed Jun 9 02:05:48 2021 UTC]
                                      TLS Callbacks:
                                      CLR (.Net) Version:v4.0.30319
                                      OS Version Major:4
                                      OS Version Minor:0
                                      File Version Major:4
                                      File Version Minor:0
                                      Subsystem Version Major:4
                                      Subsystem Version Minor:0
                                      Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                      Entrypoint Preview

                                      Instruction
                                      jmp dword ptr [00402000h]
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al
                                      add byte ptr [eax], al

                                      Data Directories

                                      NameVirtual AddressVirtual Size Is in Section
                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                      IMAGE_DIRECTORY_ENTRY_IMPORT0xc07680x4f.text
                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0xc20000x4b68.rsrc
                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0xc80000xc.reloc
                                      IMAGE_DIRECTORY_ENTRY_DEBUG0xc06300x1c.text
                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                      IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                      Sections

                                      NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                      .text0x20000xbe7c00xbe800False0.817270033629data7.61659853966IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                      .rsrc0xc20000x4b680x4c00False0.469161184211data4.53099175809IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                      .reloc0xc80000xc0x200False0.041015625data0.0776331623432IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                      Resources

                                      NameRVASizeTypeLanguageCountry
                                      RT_ICON0xc21600x25a8dBase III DBT, version number 0, next free block index 40
                                      RT_ICON0xc47180x10a8data
                                      RT_ICON0xc57d00x988dBase III DBT, version number 0, next free block index 40
                                      RT_ICON0xc61680x468GLS_BINARY_LSB_FIRST
                                      RT_GROUP_ICON0xc65e00x3edata
                                      RT_VERSION0xc66300x338data
                                      RT_MANIFEST0xc69780x1eaXML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

                                      Imports

                                      DLLImport
                                      mscoree.dll_CorExeMain

                                      Version Infos

                                      DescriptionData
                                      Translation0x0000 0x04b0
                                      LegalCopyrightCopyright Kanal 2 2012
                                      Assembly Version2.0.0.0
                                      InternalNameGuidStyles.exe
                                      FileVersion2.0.0.0
                                      CompanyNameKanal 2
                                      LegalTrademarks
                                      Comments
                                      ProductNameeg2012
                                      ProductVersion2.0.0.0
                                      FileDescriptioneg2012
                                      OriginalFilenameGuidStyles.exe

                                      Network Behavior

                                      Network Port Distribution

                                      TCP Packets

                                      TimestampSource PortDest PortSource IPDest IP
                                      Jun 9, 2021 06:01:23.657923937 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:23.909126043 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:23.910470009 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.001805067 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.272228956 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.289108038 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.544272900 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.586102962 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.597913027 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.904112101 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.904311895 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.922751904 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.923223019 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.923409939 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.924278021 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.924470901 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:24.925234079 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:24.925379038 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.201769114 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.201817036 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.201967001 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.202028036 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.202506065 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.202531099 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.202605009 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.204250097 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.204279900 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.204344034 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.206068993 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.481287003 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.481332064 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.481389046 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.481440067 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.482259989 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.482340097 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.483195066 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.483230114 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.483298063 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.485656977 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.485688925 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.485765934 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.485794067 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.486406088 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.486483097 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.487308025 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.487389088 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.491221905 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.505601883 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.505738974 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.505923033 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.507271051 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.509533882 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.509803057 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.587065935 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.753612995 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.753657103 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.753766060 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.755264044 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.755295038 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.755381107 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.756509066 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.756591082 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.757268906 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.757353067 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.759304047 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.759335995 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.759421110 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.761343956 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.761426926 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.763221025 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.763252974 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.763333082 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.765229940 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.765261889 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.765300035 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.765362978 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.787883043 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.788768053 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802500963 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802546024 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802592039 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802623034 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802659988 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802664995 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802691936 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802705050 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802711964 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802711964 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802759886 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802798033 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802803040 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802829981 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802845001 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802881002 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802891016 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802905083 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802938938 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.802947044 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.802983999 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.803004026 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.803059101 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.805223942 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.805258036 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.805342913 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.826001883 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.826174021 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.826344013 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.826425076 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.828737974 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.828772068 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:25.828857899 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:25.876449108 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.040472984 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.041222095 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.041266918 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.041318893 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.042238951 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.042279005 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.042439938 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.044589996 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.044694901 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.045269012 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.045309067 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.045634985 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.046175957 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.047235012 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.047265053 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.047338963 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.064203978 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.065319061 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.065438986 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.066113949 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.066900969 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.068281889 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077343941 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077387094 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077433109 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077466965 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077491045 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.077512026 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077516079 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.077559948 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.077626944 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.078157902 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.078234911 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.080291033 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.081244946 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.082629919 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.083224058 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.084307909 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.085578918 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.104306936 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.105149031 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.106925011 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.107256889 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.108247995 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.108334064 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.110270977 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.111217022 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.111310005 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.113152981 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122169018 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122211933 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122241974 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122271061 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122309923 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.122313976 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122342110 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.122363091 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.122431040 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.124180079 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.124753952 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.125132084 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.145250082 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.145365953 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.146184921 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.148191929 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.149172068 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.149264097 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.151273966 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.152159929 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.152235985 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.154237986 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.154311895 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.155255079 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.157433033 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.157505989 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.158164978 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.211225986 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.304321051 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.306299925 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.306386948 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.307136059 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.308130980 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.308427095 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.309148073 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.310635090 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.312278986 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.312360048 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.314172983 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.314300060 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.315572023 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.316184998 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.317208052 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.317852020 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.319168091 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.319340944 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.320208073 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.325201035 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.325378895 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.353590012 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.354351997 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.355964899 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.356374025 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.358292103 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.358757019 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.367465973 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.367515087 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.367543936 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.367577076 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.367615938 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.367672920 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.367676020 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.384423018 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.385931969 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.386408091 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.388222933 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.388999939 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.389429092 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.393476009 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.394336939 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.394462109 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.396399021 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.397206068 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.397259951 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.399369955 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.399472952 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.400361061 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.402996063 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.403151035 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.404990911 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.405317068 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.405508995 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.424480915 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.426409960 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.426582098 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.427203894 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.429368973 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.429594994 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.430413008 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.432334900 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.432456970 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.433733940 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.435400963 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.435920954 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.436319113 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.438724041 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.439333916 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.440357924 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.440443039 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.440864086 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.442332983 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.472636938 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.474973917 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.560920954 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.560983896 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.561155081 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.562254906 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.562288046 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.562431097 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.586016893 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.592504978 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.593722105 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.593738079 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.595376968 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.602313042 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602349043 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602376938 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602406025 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602463007 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.602502108 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602538109 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602545023 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.602585077 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.602655888 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.603508949 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.648410082 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648479939 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648514032 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648567915 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648611069 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648637056 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.648664951 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648683071 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.648789883 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648844004 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648850918 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.648875952 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648925066 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.648930073 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.648962021 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.649008989 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.649096966 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.650418043 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.650681973 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.680757999 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.680820942 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.680854082 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.680917978 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.680911064 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.680951118 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.680983067 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.680984020 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681022882 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681082010 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681098938 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681130886 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681138992 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681154966 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681221962 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681284904 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681391001 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681444883 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681457043 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681536913 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681632042 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.681642056 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.681777954 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.686820030 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.686852932 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.686907053 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.687032938 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.689970970 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.712260962 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.712392092 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.713428020 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.715111017 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.715786934 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.715926886 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.716424942 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.716516972 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.718307018 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.718338966 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.718404055 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.719316959 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.720602036 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.720772982 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.722450018 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.723469019 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.723582983 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.724354029 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.802597046 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.803777933 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.811336040 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.811369896 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.811425924 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.811508894 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.811577082 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:26.864253044 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.865207911 CEST160449724194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:26.866429090 CEST497241604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:30.619973898 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:30.869246960 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:30.869414091 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:30.917892933 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.184212923 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.184577942 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.432439089 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.433723927 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.752598047 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.752774954 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.753931999 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.754040003 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.754959106 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.755045891 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:31.755301952 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:31.755374908 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.025248051 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.025424957 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.026312113 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.026532888 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.027234077 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.027318954 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.028830051 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.028983116 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.029153109 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.029493093 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.030139923 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.030328989 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.288759947 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.288817883 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.288856983 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.288892984 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.288922071 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.288942099 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.288965940 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.288985968 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.289025068 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.289038897 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.289066076 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.289103985 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.289140940 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.289158106 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.289187908 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.305267096 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.306190968 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.306277990 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.308206081 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.310158014 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.310239077 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.311361074 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.312227964 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.312290907 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.560476065 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.560520887 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.560559034 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.560595989 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.560642958 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.560647964 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.560688972 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.564233065 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.564357996 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.565233946 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.565263033 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.565335989 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.566353083 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566394091 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566440105 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566483021 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566513062 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.566523075 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566554070 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.566555023 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.566632986 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.584263086 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.586271048 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.586364031 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.587733030 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.588593960 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.589195967 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.589251041 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.590218067 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.590307951 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.591203928 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.592705011 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.594317913 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.594440937 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.595277071 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.596472979 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.596631050 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.597755909 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.598567963 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.599139929 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.600272894 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.600455999 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.601222992 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.602663994 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.602780104 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.604542017 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.605238914 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.605310917 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.619527102 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.826427937 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.826495886 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.826589108 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.826591015 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.826668978 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.827312946 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.827356100 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.827425957 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.828583002 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.828891993 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.829201937 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.829252958 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.829267979 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.829349041 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.830265045 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.831639051 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.835179090 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.837923050 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838002920 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.838136911 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838195086 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.838362932 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838429928 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.838582993 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838613033 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838644981 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.838660002 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.838691950 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.840802908 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.840881109 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.841279984 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.841335058 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.841347933 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.841382027 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.842297077 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.842376947 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.843647003 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.843734026 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.844182014 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.844247103 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.845082998 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.845150948 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.849554062 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.849580050 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.849677086 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.864461899 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.864571095 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.865261078 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.865473032 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.866225958 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.866318941 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.867633104 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.868985891 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.873291016 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.874882936 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.875323057 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.875457048 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.875739098 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.875812054 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.876183033 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.876363993 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.877340078 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.878135920 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.878273964 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.878535986 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.879244089 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.880942106 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.881028891 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.881109953 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.881165981 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.882384062 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.882474899 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.883219957 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.883296967 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.884259939 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.884324074 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.885858059 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.887149096 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.906466961 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.906584024 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912188053 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912245035 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912281990 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912328959 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912331104 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912363052 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912405014 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912439108 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912446976 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912476063 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912487984 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:32.912503958 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.912549019 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:32.915199995 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.072419882 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.073184967 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.073626995 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.074235916 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.074402094 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.074493885 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.075293064 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.076303959 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.076399088 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.077291012 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.078707933 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.080466986 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.105284929 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.112401962 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.112559080 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.113672018 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.114279032 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.115242004 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.115509987 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.116225958 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.116332054 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.117311001 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.118609905 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.118767977 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.118856907 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.119302988 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.119458914 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.120270014 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.122270107 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.122358084 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.123569965 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.124213934 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.124298096 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.125099897 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.144573927 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.144864082 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.145215988 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.146220922 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.147140026 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.147249937 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.148240089 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.148538113 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.149234056 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.150202990 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.150285959 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.151212931 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.152350903 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.153242111 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.153701067 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.154223919 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.154314995 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.156213999 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.156236887 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.156316042 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.157145023 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.158122063 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.158986092 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.159226894 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.160294056 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.160432100 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.161269903 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.162257910 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.162461996 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.163295031 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264194965 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264225006 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264314890 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264347076 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264353991 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.264365911 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264385939 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264393091 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.264405966 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.264425039 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.264509916 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.352346897 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.353187084 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.353313923 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.353369951 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.354392052 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.354470968 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.360289097 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.361074924 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.361124992 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.361154079 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.362592936 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.363137007 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.392488003 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.393202066 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.394697905 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.394745111 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.394906998 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.395240068 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.396162033 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.396266937 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.397144079 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.397270918 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.397382021 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.398202896 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.399554014 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.399970055 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.400245905 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.400309086 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.400398970 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.401211023 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.402421951 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.402565956 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.404684067 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.405051947 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.405145884 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.424367905 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.425138950 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.425312042 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.426117897 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.427086115 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.427215099 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.428646088 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.429541111 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.430120945 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.430423975 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.432147026 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.432535887 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.433063984 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442172050 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442203045 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442241907 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442266941 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442291975 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442306995 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.442316055 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442326069 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.442342043 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442367077 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.442384005 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.442428112 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.443291903 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.443422079 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.517492056 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.518285036 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.519177914 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.519331932 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.520648003 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.521678925 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.522114992 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.530410051 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.530467987 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.530570030 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.531807899 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.535387039 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.587579012 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.753278971 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.753717899 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.753793955 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.753833055 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.754162073 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.754231930 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.754246950 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.754331112 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.760668993 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.760818958 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.761265039 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.761348963 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.770492077 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.770529985 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.770590067 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.770621061 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.770627975 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.770665884 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.770719051 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.776441097 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.784733057 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.785295963 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.785403013 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.786345005 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.787156105 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.787194014 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.787240982 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.788239956 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.788321972 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.790299892 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.791230917 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.791263103 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.791273117 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.791321039 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.792217016 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.792711973 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.793123960 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.794655085 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.795198917 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.796287060 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.796901941 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.797231913 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.797363043 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.798341036 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.798394918 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.799787998 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.800204992 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.800297022 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.801315069 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.802220106 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.802297115 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.803587914 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.804502964 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.805160046 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.805252075 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.824356079 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.824529886 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.825233936 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.825457096 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.826306105 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.827325106 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.827657938 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.829216003 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.830147028 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.830236912 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.831293106 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.831845045 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.832180023 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.832263947 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.833803892 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.833865881 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.834356070 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.834470034 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.836131096 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.837369919 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.838711977 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.838717937 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.839268923 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.839289904 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.839319944 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.840296984 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.841181993 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.842173100 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.842277050 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.843952894 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.844088078 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.844285965 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.844367981 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.845262051 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.845340014 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.864468098 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.865684032 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.866136074 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.866215944 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.867178917 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.868302107 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.868388891 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.869358063 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.870222092 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.870245934 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.870285034 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.872242928 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.873255968 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.873353958 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.874233007 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.875237942 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.875336885 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.875957012 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.877219915 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.877286911 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.878274918 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.878351927 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.879249096 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.879643917 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.880179882 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.881397963 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.881428957 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.881515980 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:33.882261038 CEST160449725194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:33.883650064 CEST497251604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:37.604602098 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:37.842205048 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:37.843714952 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.000895023 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.275064945 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.278043032 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.543279886 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.587404013 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.588980913 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.880193949 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.944407940 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.945146084 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.945318937 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:38.947293043 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.949440002 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:38.949558973 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.198473930 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.199331999 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.199403048 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.200129032 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.200197935 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.201744080 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.201800108 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.201822996 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.201860905 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.223906040 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.223968029 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.224282026 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.224345922 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.225255013 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.225320101 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.227828979 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.227999926 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.465167999 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.465893984 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.466068983 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.466240883 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.466265917 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.466332912 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.467171907 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.468127012 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.468210936 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.469182014 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.470205069 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.470273018 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.474962950 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.475011110 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.475049973 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.475120068 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.477029085 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.477097034 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.477977991 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.478912115 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.479012012 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.479609013 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.479651928 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.479729891 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.720999956 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.722048998 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.722150087 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.722201109 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.722946882 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.723012924 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.723082066 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.723248005 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.723331928 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.723594904 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.726624012 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.726701975 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.751347065 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.752391100 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.752492905 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.753221989 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.754187107 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.754272938 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.755388021 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.756189108 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.756269932 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.757271051 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.758107901 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.758189917 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.759238958 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.760276079 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.760348082 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.761214018 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.762236118 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.762312889 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.763228893 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.783298016 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.783446074 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.784235954 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.786124945 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.786216974 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.788285017 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.789474964 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.789549112 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.791204929 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801081896 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801193953 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.801255941 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801312923 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801367044 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.801394939 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801440001 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.801491976 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.932501078 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.991292953 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.991343975 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.991429090 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.991485119 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.993156910 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.993292093 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.994178057 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.994220972 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.994287968 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.994319916 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.995033026 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.995125055 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.995974064 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.996428013 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.997072935 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.997113943 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.997180939 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.997237921 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.998075962 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.998116970 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.998168945 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.998203039 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:39.999161959 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:39.999243975 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.000049114 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.000129938 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.001965046 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.002070904 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.003273964 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.003519058 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.004126072 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.004208088 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.030211926 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.030318022 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.031193018 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.031307936 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.032007933 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.032114983 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.033126116 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.033225060 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.035037041 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.035207987 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.036104918 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.036180019 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.037056923 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.037123919 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.038178921 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.038245916 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.039165974 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.039242983 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.040131092 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.040200949 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.041098118 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.041155100 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.042128086 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.042196035 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.043180943 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.043257952 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.063458920 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.063564062 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.064265966 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.064340115 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.066332102 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.066472054 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.067374945 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.067593098 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.069312096 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.069399118 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.070156097 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.070221901 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.072133064 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.072232008 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.073137999 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.073221922 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.083304882 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083327055 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083338976 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083350897 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083363056 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083425045 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.083436966 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.083466053 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.083482981 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.104602098 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.104629040 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.104726076 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.104773998 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.106106043 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.106201887 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.108288050 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.108383894 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.111224890 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.111249924 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.111335039 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.113189936 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.113277912 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.115575075 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.115667105 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.223072052 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.279305935 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.279403925 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.280298948 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.281115055 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.281188011 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.282231092 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.283092976 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.283163071 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.283257961 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.284193993 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.284297943 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.285202980 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.286222935 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.286309958 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.303262949 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.305109024 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.305208921 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.306128025 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.308248997 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.308315039 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.319195986 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.319240093 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.319277048 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.319314003 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.319320917 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.319350958 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.319369078 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.320125103 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.320229053 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.322208881 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.324224949 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.324310064 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.344182014 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.346076012 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.346239090 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.347183943 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.349031925 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.349127054 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.351241112 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.353180885 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.353259087 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.354080915 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.356050968 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.356265068 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.358056068 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.360124111 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.360352993 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.361148119 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.363075972 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.363182068 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.383172989 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.385231972 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.385324955 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.386213064 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.388097048 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.390072107 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.390161037 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.391179085 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.391292095 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.394114017 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.396111965 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.397058010 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.397173882 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.399069071 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.399173021 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.401518106 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.404371977 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.404454947 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.423181057 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.425235033 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.425416946 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.426368952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.428318977 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.428426027 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.430051088 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.543311119 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.543569088 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.544183969 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.553512096 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.553854942 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.554743052 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.554792881 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.554835081 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.554872036 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.554905891 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.554912090 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.554923058 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.554950953 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.557112932 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.563133955 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.563211918 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.563241959 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.563349009 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.567195892 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.567333937 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.583189964 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.585171938 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.585355997 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.587213039 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596168995 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596204042 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596229076 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596252918 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596277952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.596386909 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.596436977 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.596445084 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.679826021 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.679874897 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.679920912 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.679984093 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.683054924 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683108091 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683209896 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683285952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683346033 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683357954 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.683386087 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.683396101 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.683402061 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.684226036 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.684307098 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.704171896 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.705734968 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.705843925 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.707063913 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.708069086 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.708189011 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.710663080 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.711163044 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.711266041 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.713052988 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.714000940 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.714106083 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.716166973 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.718116999 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.718346119 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.719080925 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.721084118 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.721237898 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.723542929 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.724050045 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.724179029 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.744693041 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.746105909 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.747494936 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.748142958 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.749114990 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.749407053 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.807252884 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.807302952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.807444096 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.831410885 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.833303928 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.833508968 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.835272074 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.836180925 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.836275101 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.837253094 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.838207960 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.838340044 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.840156078 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.841128111 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.841233969 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.842358112 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.844172001 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.845206976 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.863482952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.865318060 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.865952015 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.866162062 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.868376970 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.868489027 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.870100975 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.872230053 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.872327089 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.873361111 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.875278950 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.875370979 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.877326012 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.878242016 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.878323078 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.943319082 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.945158958 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.945240974 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.946229935 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.947205067 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.948033094 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.951208115 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.952094078 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.953126907 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.953210115 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.955189943 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.955286980 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.956139088 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.956971884 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.957056046 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.959197044 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.960016966 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.960186005 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.960979939 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.963061094 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.964127064 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.964283943 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.980962992 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.984205961 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.984308004 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.985161066 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.985713005 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.990453959 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.990793943 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.990923882 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.991718054 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.991833925 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.993360043 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.993436098 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.994438887 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.994539976 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.995573044 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.995654106 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.997235060 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.999061108 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:40.999514103 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.999557018 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:40.999623060 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.003473997 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.004673004 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.004774094 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.005301952 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.005408049 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.024141073 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.024844885 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.033312082 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.033354998 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.033411980 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.033462048 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.033463001 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.033510923 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.033518076 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042202950 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.042251110 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.042315006 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.042341948 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.042414904 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042427063 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.042469978 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042480946 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042489052 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042496920 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.042789936 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.043184996 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.044483900 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.044574976 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.045346975 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.047147036 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.064227104 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.064275026 CEST160449732194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:41.064490080 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:41.064539909 CEST497321604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:45.055089951 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:45.306473017 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:45.306623936 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:45.307147026 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:45.586307049 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:45.586620092 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:45.852411032 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:45.978575945 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:46.210580111 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:46.504441977 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.506877899 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:46.829340935 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.872539043 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.872566938 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.872703075 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:46.874443054 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.874466896 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:46.874525070 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.160917997 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.160947084 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.160983086 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.161016941 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.161145926 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.161191940 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.164288998 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.164382935 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.164417982 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.164433956 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.164510012 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.165647984 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.428278923 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.432393074 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.432481050 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.433429956 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.434987068 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.435051918 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.435236931 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.436248064 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.439996004 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.446046114 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.446089983 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.446126938 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.446163893 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.446192980 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.446202040 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.446222067 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.449927092 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.450479984 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.450517893 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.450565100 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.450598955 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.450632095 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.466336966 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.469753981 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.469811916 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.469887972 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.704377890 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.705288887 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.705333948 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.705449104 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.706737995 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.706835032 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.708889008 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.708966970 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.715878010 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.715965033 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.715965033 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.716057062 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.722219944 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722270012 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722299099 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722341061 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.722368002 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.722399950 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722429991 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722471952 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722491980 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.722518921 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.722523928 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.722569942 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.723252058 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.723325014 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.725172997 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.725253105 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.744373083 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.745719910 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.746253967 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.746463060 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.747770071 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.747828007 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.749201059 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.749265909 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:47.750195980 CEST160449733194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:47.751856089 CEST497331604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:51.581101894 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:51.826222897 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:51.826348066 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:51.827162027 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:52.081320047 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:52.092948914 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:52.344310999 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:52.344455957 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:52.632353067 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:52.634224892 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:52.924350023 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.000473976 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.000502110 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.000534058 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.000551939 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.000591993 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.000633955 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.264579058 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.266472101 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.266573906 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.267395973 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.268337011 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.268408060 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.269417048 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.270396948 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.270473957 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.272380114 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.273428917 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.273508072 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.333795071 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.531018972 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.531085014 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.531544924 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.531614065 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.532826900 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.532886028 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.533190966 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.533231974 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.544351101 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.544493914 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.545252085 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.545331955 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.546546936 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.546613932 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.549969912 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.550072908 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.556442022 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.556525946 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.557629108 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.557692051 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.557729959 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.557749987 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.557751894 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.557796001 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.557806969 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.557848930 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.561460972 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.561530113 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.561527014 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.561577082 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.561585903 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.561630964 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.625294924 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.793250084 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.793363094 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.793426037 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.794477940 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.795540094 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.795622110 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.796380997 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805511951 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805558920 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805578947 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805643082 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.805670023 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.805676937 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805789948 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.805840015 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.805865049 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.825448036 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.825546026 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.826493025 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.828990936 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.829063892 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.833978891 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.835445881 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.835510015 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.836534023 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.838963985 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.839025974 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.839425087 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.841336966 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.841389894 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.842387915 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.844420910 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.844494104 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.845370054 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.864552975 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.864624023 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.866414070 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.868623972 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.868688107 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.869421005 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.871532917 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.871611118 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.873481989 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.874432087 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.874527931 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.876543999 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.878407001 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.878493071 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:53.879260063 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:53.979195118 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.067409992 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.080511093 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.080699921 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.081389904 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.082283020 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.082321882 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.082406044 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.084363937 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.084404945 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.084417105 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.085417986 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.085494995 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.090823889 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.090854883 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.090872049 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.090958118 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.104501963 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.104561090 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.106460094 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.107353926 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.107418060 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.109565973 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.110409021 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.110483885 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.112438917 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.114058971 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.114193916 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.115323067 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.116419077 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.116492033 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.118360996 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.120066881 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.120148897 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.121402025 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.122338057 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.122406960 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.124752998 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.144817114 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.144994974 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.146343946 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.147330999 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.147440910 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.150085926 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.151318073 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.151432991 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.152327061 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.154890060 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.154954910 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.156496048 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.158421040 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.158521891 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.159817934 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.161596060 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.161943913 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.163414001 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.164732933 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.164808989 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.184899092 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.186431885 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.186531067 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.187310934 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.188364029 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.188476086 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.190453053 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.192492008 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.192590952 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.193382025 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.195310116 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.195414066 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.196377993 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.198457956 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.198530912 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.199486017 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.201374054 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.201450109 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.232503891 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.292402983 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.325330019 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.325453997 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.344347000 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.344481945 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.353492022 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.353610992 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.355123997 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.355164051 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.355240107 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.355263948 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.355290890 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.355364084 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.356218100 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.356276035 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.357212067 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.357292891 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.358146906 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.358289003 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.359322071 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.359441042 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.360244989 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.360333920 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.361191034 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.361264944 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.362121105 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.362217903 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.363250017 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.363373041 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.370238066 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.370343924 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.384340048 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.384447098 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.390530109 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.390682936 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.390753031 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.390822887 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.393663883 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.393749952 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.394360065 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.394424915 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.396317959 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.396400928 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.397294998 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.397377968 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.398293972 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.398396969 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.399249077 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.399338007 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.400460005 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.400553942 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.406104088 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.406208992 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.406440020 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.406481981 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.406510115 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.406539917 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.432518005 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.432600975 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.434325933 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.434364080 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.434454918 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.435362101 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.435439110 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.436708927 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.436800957 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.438491106 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.438577890 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.443449020 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.443465948 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.443527937 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.444799900 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.444889069 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.466439009 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.466571093 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.467714071 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.467794895 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.467840910 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.467845917 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.467864037 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.467906952 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.469424009 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.469528913 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.473635912 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.473692894 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.473722935 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.473740101 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.473761082 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.473870993 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.474414110 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.474524021 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.475249052 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.475331068 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.477298021 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.477379084 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.478750944 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.478826046 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:54.482630968 CEST160449734194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:54.482712984 CEST497341604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:58.315831900 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:58.584153891 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:58.584377050 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:58.584803104 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:58.865447998 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:58.865981102 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.122937918 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.124111891 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.442605019 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.442804098 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.475284100 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.475306034 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.475462914 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.482126951 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.482148886 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.482260942 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.752361059 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.753634930 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.753820896 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.755106926 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.756572008 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.756656885 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.758033037 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.759210110 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.759310007 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:01:59.761663914 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.762191057 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:01:59.762274027 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.032255888 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.033313990 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.033391953 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.034456015 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.036168098 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.036245108 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.037264109 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.038141966 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.038219929 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.040580034 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.041930914 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.042048931 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.042248011 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.043608904 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.043809891 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.045192957 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.064238071 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.064320087 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.066171885 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.067040920 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.067210913 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.068543911 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.069181919 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.069271088 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.304342031 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.306556940 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.306890965 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.307147026 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.307259083 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.307322979 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.312331915 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.313294888 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.313407898 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.314132929 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.315862894 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.316015005 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.316293001 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.317306995 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.317380905 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.318207026 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.319256067 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.319339991 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.320745945 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.321276903 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.322259903 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.322263956 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.324229002 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.324294090 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.325656891 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.344400883 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.344907999 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.346416950 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.347598076 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.348861933 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.353363037 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.354258060 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.355170965 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.355289936 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.356100082 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.357093096 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.357809067 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.358315945 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.358485937 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.360199928 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.361145020 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.361268044 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.362554073 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.363190889 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.363293886 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.364185095 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.384783983 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.385155916 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.386524916 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.592276096 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.592324972 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.592408895 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.594868898 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.594959974 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.595587015 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.595663071 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.596863031 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.596895933 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.596934080 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.596966028 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.596997976 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.597006083 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.597028971 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.597034931 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.597044945 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.597076893 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.597671032 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.597773075 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.600122929 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.600220919 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.650388002 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.650432110 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.650477886 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.650506973 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.650528908 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.650572062 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.664299965 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.664534092 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.665158987 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.665236950 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.666763067 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.666981936 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.667300940 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.668812990 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.668889046 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.670173883 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.670263052 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.671163082 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.671253920 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.672081947 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.672899961 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.673136950 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.674448013 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.674843073 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.675169945 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.675192118 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.675216913 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.676170111 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.676743031 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.677120924 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.677175999 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.678695917 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.678775072 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.679662943 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.679723024 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.680200100 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.680861950 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.706993103 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.707180977 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.707271099 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.708631039 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.709089994 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.709163904 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.744668007 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.744827032 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.746836901 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.747209072 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.747242928 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.747287989 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.748651981 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.749185085 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.749298096 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.750274897 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.750376940 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.751620054 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.751739979 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.752578020 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.752919912 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.753572941 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.753664017 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.754168987 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.754230022 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.755198956 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.755264044 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.756099939 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.756155968 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.824493885 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.825217962 CEST160449736194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:00.825278997 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:00.825316906 CEST497361604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:04.402985096 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:04.642347097 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:04.642460108 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:04.643059969 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:04.904649019 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:04.904956102 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:05.312397003 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:05.480168104 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:05.505523920 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:05.842458963 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:05.842497110 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:05.842523098 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:05.842547894 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:05.842596054 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:05.842628002 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.146317005 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.147258043 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.147393942 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.148178101 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.150196075 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.150336981 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.151166916 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.152120113 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.152257919 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.154139996 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.155062914 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.155144930 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.433254957 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.448214054 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.448441982 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.449244022 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.449378014 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.449428082 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.449450970 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.449481010 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.449523926 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.449532032 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.464271069 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.464358091 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.465183020 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.474248886 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.474340916 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.475840092 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.475873947 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.475893974 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.475910902 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.475925922 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.475955963 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.475975037 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.475997925 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.476053953 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.482176065 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.722309113 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.722414017 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.723231077 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.723309040 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.724296093 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.724381924 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.725583076 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.725671053 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.744261026 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.744385958 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.745703936 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.745790958 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.747237921 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.747325897 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.756746054 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.756889105 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.757139921 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.757158041 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.757196903 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.757215977 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.757222891 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.757266045 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.757289886 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.757308960 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.757339001 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.757359982 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.758229971 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.758291960 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.759164095 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.759237051 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.761571884 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.761641026 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.827294111 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.827358961 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.828682899 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.828743935 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.829165936 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.829220057 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.830168009 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.830236912 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.832096100 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.832182884 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.833556890 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.833636045 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.834167004 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.834217072 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.835212946 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.835282087 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.836122036 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.836169958 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.838536978 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.838596106 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.839042902 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.839091063 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.840275049 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.840377092 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.841336012 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.841413021 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.842211962 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.842279911 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.843580961 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.843656063 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:06.844177961 CEST160449737194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:06.844245911 CEST497371604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:10.498847961 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:10.744308949 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:10.744445086 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:10.745166063 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.024382114 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.024806023 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.312378883 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.313987970 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.624321938 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.624404907 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.680264950 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.680387974 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.681255102 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.681335926 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.682094097 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.682121038 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.682163000 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.682207108 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.944385052 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.952332973 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.953563929 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.953651905 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.962286949 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962321997 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962367058 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962392092 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.962408066 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962435007 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962459087 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:11.962464094 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:11.962508917 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.232700109 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.236450911 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.236490011 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.236516953 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.236597061 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.236634016 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.248219013 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.248258114 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.248303890 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.250070095 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.251199961 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.251296997 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.251298904 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.252137899 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.252245903 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.253211021 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.265183926 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.265295982 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.266141891 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.267096996 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.267169952 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.268537998 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.269143105 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.269201040 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.497575045 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.520482063 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.520638943 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.521939039 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.522036076 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.522258997 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.522361994 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.523809910 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.523840904 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.523925066 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.523945093 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.524391890 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.524466038 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.527211905 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.527254105 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.527271986 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.527287960 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.527302027 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.527322054 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.527373075 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.547610044 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.547708035 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.548613071 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.548679113 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.549957037 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.550012112 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.550024986 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.550052881 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.550076962 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.551470041 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.551523924 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.555907011 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.555979013 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.556236029 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.556293964 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.564209938 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564238071 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564256907 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564275980 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564281940 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.564308882 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564320087 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564328909 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.564337969 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564353943 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.564366102 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.564404011 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.584604979 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.584722996 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.585283995 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.585356951 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.587654114 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.587713957 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.589924097 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.589982986 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.590035915 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.590137005 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:12.590261936 CEST160449739194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:12.590316057 CEST497391604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:16.515360117 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:16.789349079 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:16.789448023 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:16.826307058 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:17.104943991 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:17.235603094 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:17.504465103 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:17.508203983 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.080563068 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.080677032 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.082087040 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.082359076 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.106451035 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.106535912 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.106631994 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.352521896 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.361700058 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.361814976 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.362090111 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.362149000 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.362221003 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.384377956 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.385409117 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.386174917 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.386588097 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.387314081 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.387403965 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.529175997 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.644639015 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.644783974 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.645653009 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.645778894 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.647221088 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.647238970 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.647404909 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.647435904 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.648705959 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.648792982 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.649241924 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.649307013 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.650578022 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.650616884 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.650652885 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.650721073 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.664261103 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.664387941 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.666197062 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.666295052 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.667633057 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.667696953 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.668648958 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.668699980 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.669260979 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.669322968 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.671209097 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.671297073 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.672578096 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.672640085 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.682729006 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.682818890 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.836211920 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.920887947 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.921195984 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.921269894 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.922302008 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.922341108 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.922388077 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.922394991 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.924657106 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.924743891 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.925622940 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.926248074 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.926290989 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.926316977 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.927217960 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.927259922 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.927319050 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.945202112 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.945282936 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.955256939 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.955316067 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.955354929 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.955398083 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.955398083 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.955449104 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.956758022 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.958362103 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.958430052 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.968903065 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.968969107 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.969011068 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.969031096 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.969048977 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.969103098 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.984276056 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.986660957 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.986752987 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.988670111 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.989315033 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.989425898 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.992043018 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.993212938 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.993304968 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:18.994252920 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.997163057 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:18.997227907 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.005888939 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.005913973 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.005954981 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.005986929 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.090784073 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.200469971 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200527906 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200577021 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200608969 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.200624943 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200668097 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200684071 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.200712919 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.200763941 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.202286959 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.203282118 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.203360081 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.205857038 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.224169970 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.224278927 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.227061987 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.227310896 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.227377892 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.229326963 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.231848955 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.231947899 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.233782053 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.235949039 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.236025095 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.236293077 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.238914013 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.239001036 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.239645958 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.241281986 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.241368055 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.243637085 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.245929003 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.245984077 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.265532017 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.266968012 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.267076969 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.268667936 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.270327091 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.270401001 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.272207975 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.273650885 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.273732901 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.275535107 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.277251005 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.277324915 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.279714108 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.280272961 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.280345917 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.282993078 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.284358978 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.284437895 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.305000067 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.314780951 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.314848900 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.314893007 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.314891100 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.314940929 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.314958096 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.320276022 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.320318937 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.320377111 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.320436954 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.320487976 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.320518017 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.322161913 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.322263002 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.322299957 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.324815989 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.324918032 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.344790936 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.346359968 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.346473932 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.348210096 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.349632025 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.349802971 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.351265907 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.480608940 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.480634928 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.480705023 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.482413054 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.482435942 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.482508898 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.484672070 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.484750032 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.485518932 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.485855103 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.485876083 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.485943079 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.512362003 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.512501001 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.513266087 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.515846968 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.515974998 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.516781092 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.517549992 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.517640114 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.519166946 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.520992041 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.521064043 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.522061110 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.523178101 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.523247957 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.524445057 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.544442892 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.544558048 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.554946899 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.554990053 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.555027008 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.555062056 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.555099964 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.555155039 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.555263996 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.556849003 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.556936979 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.557194948 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.559300900 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.559381008 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.560694933 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.563600063 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.563673973 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.564290047 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.584714890 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.584785938 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.586220026 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.587193012 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.587270021 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.589382887 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.593697071 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.593765974 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.595360041 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.599533081 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.599656105 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.607024908 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.607059956 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.607084990 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.607106924 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.607204914 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.607232094 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.625966072 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.627054930 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.627161026 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.629045010 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.630831957 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.630867958 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.630938053 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.632514000 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.632579088 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.636507034 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.636789083 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.636869907 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.638628960 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.684824944 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.698045015 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.746257067 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.746391058 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.748548985 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.748708010 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.754920006 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.754973888 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.755018950 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.755055904 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.755753994 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.755826950 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.757896900 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.757988930 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.758335114 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.758457899 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.765629053 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.765685081 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.765712023 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.765722036 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.765782118 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.765791893 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.785916090 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.786015987 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.787497997 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.787575960 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.788099051 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.788163900 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.788217068 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.788270950 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.793291092 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.793368101 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.796063900 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.796099901 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.796139002 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.796159029 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.797952890 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.798046112 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.832307100 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.832437992 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.842364073 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842421055 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842459917 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842500925 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842510939 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.842542887 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.842546940 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.842564106 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842609882 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.842622995 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.842660904 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.843055010 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.843125105 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.843579054 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.843652010 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.848134995 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.848253012 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.865231991 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.865344048 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.867300987 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.867348909 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.867412090 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.867436886 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.869251966 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.869323969 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.870724916 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.870820045 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.873437881 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.873610973 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.875001907 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.875117064 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.875907898 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.875998020 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.876230955 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.876307964 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.879359961 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.879503012 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.879823923 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.879906893 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.881180048 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.881259918 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.882333040 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.882421017 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.912707090 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.912910938 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.914787054 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.914875984 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.915263891 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.915340900 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.916187048 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.916270971 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.918143034 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.918220997 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.919610977 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.919673920 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.920212030 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.920300961 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.922235012 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.922316074 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:19.952722073 CEST160449740194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:19.952892065 CEST497401604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:23.826986074 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:24.066556931 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:24.066780090 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:24.067572117 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:24.345810890 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:24.346326113 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:24.592376947 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:24.592488050 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:24.884577990 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:24.884675980 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.184148073 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.280194998 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.281790972 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.281805038 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.281891108 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.282130003 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.282250881 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.560401917 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560465097 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560504913 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560543060 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560583115 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560612917 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560626984 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.560652018 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560667992 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.560674906 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.560689926 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.560743093 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.832247019 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.833162069 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.833276987 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.834171057 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.834211111 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.834275007 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.835206985 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.836199999 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.836240053 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.836282015 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.837259054 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.837341070 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.838179111 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.839181900 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.839225054 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.839288950 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.840107918 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.840197086 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.841259003 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.843183041 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.843266010 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:25.844259024 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.845324993 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:25.845405102 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.127388954 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.128607035 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.128699064 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.129404068 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.130143881 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.130239964 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.130292892 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.131784916 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.131855011 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.132344007 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.132524014 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.132574081 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.144361973 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.146904945 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.146992922 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.147176981 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.149250031 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.149327993 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.151801109 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.152198076 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.152265072 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.154247046 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.156872988 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.156972885 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.157250881 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.158248901 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.159236908 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.159334898 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.161798954 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.161895990 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.163695097 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.163789034 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.164190054 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.164257050 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.192914009 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.193003893 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.193002939 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.193070889 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.193087101 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.193136930 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.193154097 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.193176985 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.193207026 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.193238020 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.194186926 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.194248915 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.196563005 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.196646929 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.198350906 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.198445082 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.200206041 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.200278997 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.202702045 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.202812910 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.205249071 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.205338001 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.400322914 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.400502920 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.401808023 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.401954889 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.402543068 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.402605057 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.402667046 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.402724981 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.404189110 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.404324055 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.405266047 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.405459881 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.406825066 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.406958103 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.407095909 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.407128096 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.407188892 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.407238960 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.424391031 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.424494982 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.427736998 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.427906036 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.428215027 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.428371906 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.430268049 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.430398941 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.432327032 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.433118105 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.434348106 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.434444904 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.437338114 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.437500000 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.438519001 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.438651085 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.440223932 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.440315008 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.441800117 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.441891909 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.443278074 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.443377972 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.445354939 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.445607901 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.466115952 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.466295958 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.467231035 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.467339993 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.468703032 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.468816996 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.471040964 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.471174002 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.472383022 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.472518921 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.473731041 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.473851919 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.475754976 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.475888968 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.477284908 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.477420092 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.479315042 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.479445934 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.481477976 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.481615067 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.482256889 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.482422113 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.484344959 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.504390955 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.504570007 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.507409096 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.508922100 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.509094000 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.510730982 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.511866093 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.512038946 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.513884068 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.515269041 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.515619040 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.517318010 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.518826962 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.518971920 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.520307064 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.522814035 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.522969961 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.524893045 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.525145054 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.525280952 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.545722008 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.547264099 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.547461987 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.549165964 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.551733017 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.551861048 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.553275108 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.606983900 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.645373106 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.672858953 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.673038960 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.673722982 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.674217939 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.674294949 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.675193071 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.676801920 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.676891088 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.677903891 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.678538084 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.678617954 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.679267883 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.680363894 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.680475950 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.681452036 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.682560921 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.682651043 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.684226990 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.685221910 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.685587883 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.712656975 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.714267015 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.714442015 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.715806007 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.716258049 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.716363907 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.719094038 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.719315052 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.719460964 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.721255064 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.722599030 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.722728014 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.723829031 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.725359917 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.725472927 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.744832993 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.745254993 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.745351076 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.760436058 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.760473013 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.760499001 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.760526896 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.760557890 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.760642052 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.760725021 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.761744022 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.761924028 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.762428045 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.764766932 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.764904022 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.784255028 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.786957979 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.787111044 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.792860031 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.794162035 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.794298887 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.796331882 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.798880100 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.799005032 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.799262047 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.801211119 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.801314116 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.803976059 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.805924892 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.806118965 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.825954914 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.828850985 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.828989029 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.829303026 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.831562996 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.831662893 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.842314959 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.873928070 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.874051094 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.945467949 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.946237087 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.946350098 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.952361107 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.953743935 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.953855991 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.954973936 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.956722021 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.956810951 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.957396030 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.958724022 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.958800077 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.959235907 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.960174084 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.960237980 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.961808920 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.962240934 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.962322950 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.963684082 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.964534998 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.964605093 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.984289885 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.985728025 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.985858917 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.987029076 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.988192081 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.988302946 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.989173889 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.991775990 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.991924047 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.992223978 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.993812084 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.993931055 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.995776892 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.996073961 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.996193886 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:26.998629093 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.999463081 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:26.999577045 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.032285929 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.034312010 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.034425020 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.035881996 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.036360025 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.036427021 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.038980961 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.039249897 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.039314985 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.040607929 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.042115927 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.042202950 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.043657064 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.044259071 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.044326067 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.056051970 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.064207077 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.065507889 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.065597057 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.067260027 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.068224907 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.068306923 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.078278065 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.078314066 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.078430891 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.079674959 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.125123978 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.304363012 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.304519892 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.321926117 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.321974039 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.322046041 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.322191954 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.322257042 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.322331905 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.322391987 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.346988916 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.347099066 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.349526882 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.349569082 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.349644899 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.349666119 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.349967957 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.350002050 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.350028038 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.350038052 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.350070953 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.358278990 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.358354092 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.359227896 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.359317064 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368174076 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368241072 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368247032 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368298054 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368299961 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368339062 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368346930 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368393898 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368448973 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368474007 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368493080 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368506908 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368518114 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368535995 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.368561983 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.368576050 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.384181976 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.384354115 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.386308908 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.386466026 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.388072014 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.388225079 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.389238119 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.389322042 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.391186953 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.391268015 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.392096996 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.392190933 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.394172907 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.394283056 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.396161079 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.396254063 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.405328989 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.405366898 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.405391932 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.405416965 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.405420065 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.405441046 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.405441999 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.405467033 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.405498028 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.424221992 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.424359083 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.426178932 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.426266909 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.428622007 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.428706884 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.430100918 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.430180073 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.431170940 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.431251049 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.433734894 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.433813095 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.435261011 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.435353041 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.437144041 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.437242031 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.438663006 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.438750982 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.440082073 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.440208912 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.442161083 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.442323923 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.444232941 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.444346905 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.464250088 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.464396954 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.466126919 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.466237068 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.468775988 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.468887091 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.470175028 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.470266104 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.472346067 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.472434044 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.475205898 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.475306988 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.478199005 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.478279114 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.480389118 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.480478048 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.482302904 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.482418060 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:27.484719038 CEST160449746194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:27.484884977 CEST497461604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:31.140019894 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:31.387231112 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:31.387350082 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:31.388221979 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:31.680398941 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:31.680680990 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:31.923276901 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:31.926063061 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.265383005 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.265533924 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.270309925 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.270385027 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.272160053 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.272231102 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.273109913 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.273174047 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.274528980 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.274595976 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.546346903 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.547825098 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.547898054 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.561484098 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561525106 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561549902 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561572075 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561594963 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561604977 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.561616898 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.561664104 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.561691999 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.801316977 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.802807093 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.802920103 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.804358006 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.825007915 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.825172901 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.831197023 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.833211899 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.833297968 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.835196972 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.836220980 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.836293936 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.837243080 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.839667082 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.839755058 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.840264082 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.841375113 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.841455936 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.843417883 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.844196081 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.844300032 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:32.864281893 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.865340948 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:32.865431070 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.052088022 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.053252935 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.053319931 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.072766066 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.072788954 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.072877884 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.088224888 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.089198112 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.089266062 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.089387894 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.090316057 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.090377092 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.129887104 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.129924059 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.129944086 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.129967928 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.129992008 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130019903 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130022049 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.130047083 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130059004 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.130073071 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130096912 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130120993 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130126953 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.130146027 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130165100 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.130171061 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.130213022 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.144470930 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.145347118 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.145437002 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.147627115 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.155601025 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.156724930 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.156757116 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.156780958 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.156802893 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.156806946 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.156826973 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.156863928 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.156940937 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.157196045 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.157680035 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.158466101 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.158550024 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.160228968 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.160304070 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.161386967 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.161459923 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.320463896 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.320605040 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.321259975 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.321293116 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.321336985 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.321376085 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.322262049 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.322341919 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.344341993 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.344482899 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.352185011 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.352261066 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.361448050 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.361502886 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.361542940 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.361561060 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.361597061 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.361602068 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.364289999 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.364339113 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.364367008 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.364387989 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.366406918 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.366432905 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.366449118 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.366477013 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.366585970 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.368329048 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.368359089 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.368407011 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.368428946 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.399168968 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.399279118 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.400178909 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.400239944 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.402251959 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.402316093 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.403415918 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.403490067 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.404181957 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.404253960 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.405396938 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.405479908 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.425335884 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.425455093 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.426152945 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.426230907 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.427103043 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.427196026 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.429186106 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.429270983 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.430107117 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.430196047 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.431232929 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.431354046 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.433165073 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.433260918 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.434196949 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.434278965 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.435185909 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.435322046 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.437249899 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.437325954 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.438290119 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.438355923 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.440205097 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.440275908 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.441128969 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.441211939 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.443216085 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.443339109 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.444161892 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.444397926 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.464121103 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.464220047 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.466161966 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.466250896 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.467237949 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.467324018 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.468288898 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.473495007 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.473524094 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.473608971 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.474183083 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.474278927 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.475064039 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.477119923 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.477209091 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.478281021 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.488177061 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.488235950 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.488248110 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.488311052 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.488339901 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.488420010 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.573245049 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.584141016 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.584218025 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.585067034 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.586674929 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.586744070 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.592075109 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.632139921 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.632235050 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.641227961 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.642153978 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.642230034 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.643039942 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.643088102 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.643110037 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.643177032 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.646094084 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.646166086 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.647108078 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.647193909 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.647217035 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.647250891 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.647264957 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.647314072 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.668107033 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.671989918 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.672101974 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.673124075 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.674340010 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.674406052 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.675173998 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.676203012 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.676258087 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.712126970 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.714086056 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.714148998 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.715157032 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.724179029 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.724211931 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.724241018 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.724252939 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.724282980 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.724297047 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.728154898 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.728245020 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.729068995 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.729119062 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.729146957 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.729208946 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.744118929 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.744211912 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.746093035 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.747170925 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.747250080 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.756093979 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.756161928 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.756222963 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.756247997 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.756290913 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.756347895 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.756366968 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.757144928 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.757229090 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.759043932 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.761745930 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.761815071 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.763257027 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.764054060 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.764166117 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.784224987 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.786088943 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.786207914 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.787252903 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.789098978 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.789185047 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.832315922 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.834166050 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.834239006 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.835700989 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.836117983 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.836188078 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.885216951 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.904257059 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.904361963 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.912286043 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.913289070 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.913448095 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.914166927 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.915162086 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.915354013 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.924282074 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.924328089 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.924367905 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.924401045 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.927220106 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.927263021 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.927299976 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.927320004 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.927336931 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.927369118 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.944220066 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.944325924 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.946301937 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.947170973 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.947233915 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.948144913 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.949131012 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.949193001 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.992191076 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.994085073 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.994158983 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.995136976 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.996242046 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.996323109 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:33.998342037 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.999217033 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:33.999305964 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.000169992 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.001286983 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.001359940 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.003226995 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.004184008 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.004256010 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.005117893 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.025278091 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.025340080 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.026169062 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.028155088 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.028228998 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.029263973 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.031227112 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.031305075 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.032174110 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.033243895 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.033324003 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.035306931 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.036322117 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.036400080 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.037148952 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.039207935 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.039308071 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.040318966 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.042207956 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.042287111 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.043637037 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.045187950 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.045257092 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.064276934 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.066206932 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.066293955 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.067213058 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.069127083 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.069180012 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.070118904 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.072221994 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.072278023 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.073831081 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.075201035 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.075270891 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.077253103 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.079142094 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.079232931 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.080238104 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.082190037 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.082258940 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.083650112 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.084121943 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.084182978 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.104846954 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.105298996 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.105397940 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.107273102 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.108285904 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.108362913 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.110208035 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.111249924 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.111447096 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.112224102 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.114214897 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.114296913 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.115870953 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.116213083 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.116297960 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.125355959 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.125475883 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.125515938 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.125550032 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.125551939 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.125576973 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.125600100 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.144263029 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.144371986 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.146229029 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.147432089 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.147504091 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.149318933 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.150211096 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.150281906 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.152137995 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.153754950 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.153835058 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.162223101 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.162251949 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.162421942 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.186539888 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208524942 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208573103 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208621025 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208651066 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208664894 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208705902 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208722115 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208745956 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208786011 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208810091 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208823919 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208831072 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208863020 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208897114 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.208903074 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.208950996 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.209007025 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.224256039 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.224363089 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.226195097 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.226316929 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.227209091 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.227287054 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.229137897 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.229219913 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.230128050 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.230220079 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.231182098 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.231277943 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.232141972 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.232234955 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.234205008 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.234324932 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.235178947 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.235254049 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.236195087 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.236284018 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.238202095 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.238270998 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.239181995 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.239249945 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.240243912 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.240314007 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.250231028 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.250247955 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.250288963 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.250310898 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.272123098 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.272216082 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.274272919 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.274358034 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.275122881 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.275151968 CEST160449747194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:34.275202036 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:34.275223017 CEST497471604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:38.203160048 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:38.439141989 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:38.442115068 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:38.446811914 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:38.704159975 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:38.704533100 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:38.950371981 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:38.977833986 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.280284882 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.280405045 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.312771082 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.313236952 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.313390017 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.314301968 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.315257072 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.315355062 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.592284918 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.593836069 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.593930960 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.602308035 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602335930 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602355957 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602375984 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602399111 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602421045 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.602442980 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.602483988 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.872323990 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.872400999 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.872492075 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.874212980 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.875401020 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.875498056 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.880279064 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.881263018 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.881356955 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.882224083 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.883481979 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.883579016 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.884084940 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.885184050 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.885267019 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.904405117 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.905234098 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.905333996 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.907339096 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.908219099 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.908369064 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:39.909260035 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.910212994 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:39.910300970 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.160372972 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.161293030 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.161374092 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.162691116 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.162719965 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.162789106 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.163209915 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.164264917 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.164372921 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.165229082 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.165254116 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.165328979 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.166332960 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.167609930 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.167711973 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.184281111 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.186172962 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.186252117 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.186929941 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.187735081 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.187810898 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.189183950 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.189255953 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.190419912 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.190500021 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.191183090 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.191268921 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.193296909 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.193373919 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.195328951 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.195420027 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.197640896 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.197732925 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.198245049 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.198306084 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.200359106 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.200428009 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.202167034 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.202243090 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.203211069 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.203305006 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.205235958 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.205327034 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.225368977 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.225485086 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.227288961 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.227396965 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.228230953 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.228303909 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.230360031 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.230452061 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.232199907 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.232296944 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.233292103 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.233402967 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.235343933 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.235451937 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.237363100 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.237488985 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.440486908 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.440598011 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.441225052 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.441297054 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.442123890 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.442152023 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.442195892 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.442213058 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.444140911 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.444225073 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.445239067 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.445281029 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.445311069 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.445332050 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.446306944 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.446372032 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.447164059 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.447227955 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.447374105 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.447419882 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.465522051 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.465600014 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.467314005 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.467381954 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.468324900 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.468388081 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.470282078 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.470344067 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.472390890 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.472470045 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.474216938 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.474306107 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.476413012 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.476480007 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.485480070 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.485553026 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.485584021 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.485589027 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.485624075 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.485626936 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.485630035 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.485671043 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.504458904 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.504600048 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.506264925 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.506356955 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.508512020 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.508601904 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.509654045 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.511161089 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.511337996 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.513885021 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523065090 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523104906 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523149967 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523171902 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523191929 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.523267031 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.523302078 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.524251938 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.544327021 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.544433117 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.554292917 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.554328918 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.554352045 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.554378986 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.554434061 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.554471970 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.560231924 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.560269117 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.560290098 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.560309887 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.560337067 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.560390949 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.565594912 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.565634966 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.565740108 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.586468935 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.586500883 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.586585999 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.587256908 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.589709997 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.589782953 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.591326952 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.593169928 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.593247890 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.594633102 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.639384985 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.712372065 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.712405920 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.712430000 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.712450981 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.712490082 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.712497950 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.712527037 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.717215061 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.717250109 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.717293978 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.720272064 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.720344067 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.722088099 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.723071098 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.723156929 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.752198935 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.754544973 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.754638910 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.755125999 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.757221937 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.757287025 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.758181095 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.759174109 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.759246111 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.760237932 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.762130976 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.762203932 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.763242006 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.764197111 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.764262915 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.784337997 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.794852018 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.794888973 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.794929981 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.795063019 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.795101881 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.795183897 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.800888062 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.800931931 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.800959110 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.800985098 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.801024914 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.801080942 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.801126957 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.801192999 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.803576946 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.804333925 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.804429054 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.825290918 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.826428890 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.826550007 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.839235067 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.839263916 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.839282990 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.839366913 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.846554041 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.846647978 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.846654892 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.846668005 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.846712112 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.846724987 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.846731901 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.846801996 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.865289927 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.867307901 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.867402077 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.870296955 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.872179985 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.872251034 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.873209953 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.882750988 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.882781982 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.882798910 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.882883072 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.882930994 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.984708071 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.985093117 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.985191107 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.986186028 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.987082005 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.987185001 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.996246099 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.996284962 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.996313095 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.996339083 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:40.996375084 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:40.996404886 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.000248909 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.000287056 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.000372887 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.032242060 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.033344984 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.033468008 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.035342932 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.036309004 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.036381006 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.037175894 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.039679050 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.039768934 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.040139914 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.042198896 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.042263031 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.043241024 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.044784069 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.044842958 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.072215080 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.074889898 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.075016975 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.075156927 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.077172041 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.077244997 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.078243971 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.080180883 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.080246925 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.081087112 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.083214045 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.083285093 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.084772110 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.104240894 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.104345083 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.106187105 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.108653069 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.108743906 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.109162092 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.111273050 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.111381054 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.113637924 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.114239931 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.114326954 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.116246939 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.118814945 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.118900061 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.119051933 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.121160030 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.121243000 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.122562885 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.124217033 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.124303102 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.125262022 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.145279884 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.145371914 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.146229982 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.148088932 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.148191929 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.153598070 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.154104948 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.154170990 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.156174898 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.157108068 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.157196999 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.158648014 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.186739922 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.232268095 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.232336998 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.233052015 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.233159065 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.234527111 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.234580994 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.236135960 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.236212015 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.264273882 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.264456034 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.265290022 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.265377998 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.266186953 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.266482115 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.267163992 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.267241001 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.268748999 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.268830061 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.269359112 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.269448042 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.304572105 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.304641962 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.306118011 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.306190014 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.307056904 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.307154894 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316162109 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316246986 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316268921 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316314936 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316319942 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316358089 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316375971 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316414118 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316418886 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316469908 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.316476107 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.316530943 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.317270994 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.317351103 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.352164984 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.352250099 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.353127956 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.353218079 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.354492903 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.354562044 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.356057882 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.356131077 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.357208014 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.357238054 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.357276917 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.357301950 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.358572960 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.358624935 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.359869003 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.359992027 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.361150980 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.361205101 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.362034082 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.362102032 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.362998962 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.363079071 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.364578962 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.364645004 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.365576029 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.365632057 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.384310007 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.384380102 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.385664940 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.385720968 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.386091948 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.386174917 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.387187004 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.387249947 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.389087915 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.389168024 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.390537024 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.390614033 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.391092062 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.391165972 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.392095089 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.392173052 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.393513918 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.393578053 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.394131899 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.394196987 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.396001101 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.396070004 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.397145033 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.397208929 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.398787975 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.398844004 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.399051905 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.399111986 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.400497913 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.400578976 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.401125908 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.401184082 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.403476954 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.403552055 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.404088974 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.404155016 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.405472994 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.405560970 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.424240112 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.424314976 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.425154924 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.425216913 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.427136898 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.427202940 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.428397894 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.428464890 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.429033995 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.429090023 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.433535099 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.433583975 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.435044050 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.435102940 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.436192036 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.436304092 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.437078953 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.437155962 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.439316034 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.439412117 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.440000057 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.440049887 CEST160449748194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:41.440068007 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:41.440115929 CEST497481604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:45.212389946 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:45.469850063 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:45.470082045 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:45.471396923 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:45.749150991 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:45.750722885 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.002131939 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.004771948 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.319175959 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.322793007 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.360330105 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.361175060 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.361210108 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.361232996 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.361280918 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.362739086 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.365562916 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.624826908 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.640477896 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.640645027 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.641957998 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.643098116 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.643187046 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.643210888 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.643223047 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.643285990 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.644290924 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.644330978 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.644433975 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.958794117 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.959249973 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.959331989 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.961157084 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.962155104 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.962227106 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.964195967 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.965878963 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.965976954 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.985307932 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.987253904 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.987361908 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.988236904 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.990607977 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.990695953 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:46.991208076 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.993309021 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:46.993382931 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.002414942 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.002485991 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.002542973 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.002584934 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.002599955 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.002696991 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.187230110 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.233443022 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.233557940 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.242753983 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.242835999 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.242883921 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.242882013 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.242923975 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.242923975 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.242932081 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.242963076 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.242978096 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.243002892 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.243010998 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.243042946 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.243077993 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.243094921 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.243179083 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.243240118 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.244281054 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.244354010 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.245242119 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.245306015 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.265563011 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.265649080 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.271266937 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.271354914 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.273261070 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.273336887 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.274281025 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.274347067 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.275654078 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.275732040 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.276784897 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.276871920 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.277194977 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.277275085 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.278297901 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.278379917 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.280211926 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.280287981 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.281682968 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.281760931 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.282274008 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.282337904 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.283240080 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.283313036 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.284239054 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.284317970 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.304522038 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.304611921 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.305238008 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.305315018 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.306682110 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.306746006 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.316888094 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.316973925 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.317291975 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.317333937 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.317353010 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.317382097 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.317389011 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.317425966 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.317426920 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.317471027 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.504503012 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.505714893 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.505786896 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.517390013 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.527390957 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.527488947 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.528347969 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.529238939 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.529299974 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.530728102 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.530769110 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.530832052 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.531655073 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.532314062 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.532387018 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.533330917 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.544424057 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.544533968 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.545840979 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.547804117 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.547887087 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.556905985 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557306051 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557348967 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557377100 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.557389021 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557427883 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557435036 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.557466984 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.557514906 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.558244944 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.560322046 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.560390949 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.589348078 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.590339899 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.590403080 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.595344067 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.596909046 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.596999884 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.598228931 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.599272013 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.599335909 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.601761103 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.602185011 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.602252960 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.604201078 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.605276108 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.605345011 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.625458956 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.627912998 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.627971888 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.628551006 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.629374981 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.629441023 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.631277084 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.632786036 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.632848978 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.634207010 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.635423899 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.635484934 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.637734890 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.638113022 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.638184071 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.640808105 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.674525023 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.674624920 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.715799093 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.717365980 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.717451096 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.723877907 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.724298954 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.724363089 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.744574070 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.745270014 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.745349884 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.746292114 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.796258926 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.843910933 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.844314098 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.844409943 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.866425037 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.867209911 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.867291927 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.869340897 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.870656013 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.870723009 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.871171951 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.872692108 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.872781992 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.874291897 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.875215054 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.875298977 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.878664970 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.879386902 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.879512072 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.881267071 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.882322073 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.882422924 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.884543896 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.884599924 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.884676933 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.904705048 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.905201912 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.905283928 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.906177044 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.907805920 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.907908916 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.908188105 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.910290956 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.910387993 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.912678957 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.921264887 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.921341896 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.921382904 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.921410084 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.921464920 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.925714970 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926230907 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926290035 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926312923 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926325083 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.926331997 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926352024 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.926368952 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.926440001 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.959311008 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.960223913 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.960352898 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.961138964 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.963390112 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.963460922 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.984293938 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.985156059 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.985223055 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.989238977 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.990124941 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:47.990204096 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:47.991173029 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.001609087 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.001688957 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.003220081 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.004148006 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.004791975 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.005223036 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.024250031 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.024322033 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.025624037 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.027493000 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.027559042 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.032716036 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.069691896 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.069761038 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.104469061 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.112978935 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.113096952 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.133280039 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.144479036 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.144558907 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.160389900 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.161221981 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.161257982 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.161289930 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.162643909 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.162700891 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.163242102 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.164279938 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.164359093 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.165152073 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.165180922 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.165291071 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.166335106 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.167545080 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.167607069 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.167678118 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.184267998 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.184355021 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.186181068 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.187597036 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.187629938 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.187660933 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.188186884 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.188251019 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.189110994 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.189182997 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.190107107 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.190198898 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.191307068 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.191409111 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.192555904 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.192636013 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.193155050 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.193214893 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.194359064 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.194431067 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.195355892 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.195416927 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.196693897 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.196816921 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.197201967 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.197329044 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.207463980 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.207551003 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.207561016 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.207614899 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.207638025 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.207720995 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.207783937 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.207798004 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.232625008 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.232711077 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.233139992 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.233211040 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.234170914 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.234235048 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.236573935 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.236641884 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.272610903 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.272659063 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.272708893 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.272735119 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.274691105 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.274815083 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.275149107 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.275181055 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.275197983 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.275228977 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.275259972 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.275974989 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.280144930 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.280234098 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.281227112 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.281306028 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.282596111 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.282666922 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.291240931 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.291269064 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.291285992 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.291353941 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.291403055 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.311229944 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.311299086 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.352272034 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.352317095 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.352365971 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.352407932 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.392754078 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.392923117 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.393227100 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.393313885 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.432382107 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.432483912 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.433121920 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.433198929 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.434633970 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.434683084 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.434714079 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.434748888 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.440223932 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.440320969 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.441284895 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.441365957 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.442748070 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.442826986 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.444822073 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.444911957 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.445091009 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.445164919 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.464276075 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.464371920 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.465743065 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.465820074 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.466072083 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.466129065 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.467767954 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.467842102 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.468123913 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.468182087 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.469183922 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.469253063 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:48.470666885 CEST160449749194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:48.470752954 CEST497491604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:52.205012083 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:52.472572088 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:52.472881079 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:52.474431992 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:52.749366045 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:52.750009060 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.032262087 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.035522938 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.358045101 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.358151913 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.384206057 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.384300947 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.385214090 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.385297060 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.386163950 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.386265993 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.395323038 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.395428896 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.664259911 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.665216923 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.665312052 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.667166948 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.668103933 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.668248892 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.677339077 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.677378893 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.677405119 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.677429914 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.677486897 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.677556992 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.952280045 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.952330112 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.952394962 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.970312119 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970360994 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970391035 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970415115 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970433950 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.970439911 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970459938 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.970463991 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970488071 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970510960 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970515013 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.970535040 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970570087 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.970570087 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.970613956 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.984323978 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.986316919 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.986398935 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:53.987277985 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.989197016 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:53.989288092 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.188339949 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.242698908 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.242842913 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.242852926 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.242912054 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.242938995 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.242947102 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.242979050 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.242990017 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.243050098 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.243084908 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.248308897 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.248363972 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.248403072 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.248488903 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.248537064 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.265424013 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.265688896 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.267277002 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.267399073 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.268332958 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.268439054 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.270421982 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.270536900 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.272249937 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.272357941 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.274365902 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.274501085 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.275278091 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.275396109 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.285326958 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.285394907 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.285444021 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.285484076 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.285526037 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.285558939 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.285600901 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.285657883 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.305425882 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.305687904 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.307228088 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.307396889 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.309436083 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.309623003 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.311194897 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.311336040 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.313695908 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.313798904 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.314606905 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.314687014 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.316224098 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.316304922 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.319006920 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.319119930 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.320220947 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.320310116 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.321122885 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.321244001 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.323234081 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.323312044 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.325123072 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.325211048 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.504223108 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.509646893 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.512574911 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.512833118 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.521565914 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.521612883 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.521641016 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.521791935 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.524578094 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524621964 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524646997 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524673939 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524698973 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524729013 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524756908 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.524776936 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.524832964 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.544528961 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.545722008 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.545928955 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.547383070 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.549928904 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.550076008 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.550283909 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.552346945 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.552540064 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.553267956 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.555232048 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.555325031 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.556252956 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.558177948 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.558275938 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.560237885 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.562333107 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.562582970 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.563311100 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.565232992 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.565768003 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.585374117 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.594388008 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.594424963 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.594487906 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.594500065 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.596318960 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.600610971 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.600755930 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.600780010 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.600819111 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.600830078 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.600863934 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.600931883 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.602442980 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.604199886 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.604284048 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.624380112 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.625564098 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.625735998 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.627363920 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.627441883 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.629367113 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.630681038 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.632286072 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.632374048 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.634171009 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.635704041 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.635797024 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.637157917 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.637526989 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.755426884 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.757144928 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.757332087 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.758312941 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.759268999 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.759500980 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.760232925 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.763305902 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.763530970 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.765302896 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.792546988 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.792659998 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.794298887 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.795519114 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.795703888 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.796334028 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.797476053 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.797800064 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.798289061 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.799359083 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.799451113 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.801282883 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.802475929 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.802588940 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.803389072 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.832289934 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.832503080 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.833231926 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.835294962 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.835458040 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.836234093 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.837124109 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.837213993 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.839279890 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.840212107 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.840293884 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.841259003 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.843183994 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.843287945 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.844309092 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.864409924 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.864675045 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.865238905 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.867297888 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.867398024 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.868318081 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.872200012 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.872313023 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.873166084 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.875193119 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.875616074 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.876161098 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.878253937 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.878484964 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.879237890 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.881267071 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.881357908 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.882220030 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.884212971 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.884301901 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.885294914 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.905234098 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.905730963 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.907227993 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.913321972 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.915327072 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.915504932 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.916162968 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.918323040 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.918481112 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.919384956 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.921484947 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.921626091 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:54.922250032 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:54.922346115 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.026314020 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.026359081 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.026587963 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.189469099 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.384320021 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.384610891 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.385111094 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.385221004 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.387264967 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.387434959 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.388201952 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.388314009 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.390288115 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.390635967 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.391318083 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.391510010 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.392205954 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.392303944 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.394293070 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.394531012 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.395314932 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.395518064 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.396158934 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.396245956 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.398278952 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.398374081 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.399343014 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.399432898 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.401226044 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.401319027 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.402175903 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.402264118 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.404234886 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.404344082 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.405224085 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.405306101 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.425302029 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.425518990 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.426465034 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.426589966 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.428324938 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.428476095 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.429219961 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.429405928 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.431183100 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.431334019 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.432533979 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.432651997 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.434640884 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.434762001 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.435163021 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.435265064 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.437666893 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.438304901 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.438441992 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.443578005 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.443625927 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.443664074 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.443711042 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.443813086 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.444199085 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.444303036 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.465641022 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.466209888 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.466375113 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.467715025 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.467895031 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.469238043 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.469404936 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.470177889 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.472945929 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.473110914 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.473227978 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.473356962 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.475905895 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.476138115 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.476562977 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.476686001 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.478359938 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.478449106 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.479180098 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.479314089 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.481404066 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.481528044 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.482940912 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.483062983 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.484392881 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.485146999 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.485924006 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.486033916 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.505292892 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.505773067 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.506280899 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.506407022 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.508255959 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.508393049 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.510462999 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.510634899 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.511157036 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.511253119 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.512255907 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.512371063 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.514810085 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.514949083 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.515815020 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.516382933 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.517385006 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.517546892 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.518207073 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.518335104 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.527453899 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.527512074 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.527563095 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.527575016 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.527616978 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.527630091 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.527656078 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.527657032 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.527688026 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.527726889 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.545001030 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.545283079 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.546242952 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.546380043 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.547280073 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.547410011 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.548291922 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.548401117 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.550299883 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.550508976 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.551428080 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.551552057 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.552186966 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.552310944 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.554234982 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.554399014 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.555294037 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.555511951 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.557176113 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.557312012 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.558213949 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.558336020 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.559185028 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.559319019 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.560303926 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.560411930 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:55.562108040 CEST160449752194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:55.562200069 CEST497521604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:59.206182957 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:59.442192078 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:59.442312956 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:59.443172932 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:59.708187103 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:59.708620071 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:02:59.961251020 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:02:59.962824106 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.263587952 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.263664007 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.325256109 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.325493097 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.326298952 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.326407909 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.327193975 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.327244043 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.327303886 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.327382088 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.607392073 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.607455015 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.607615948 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.608093023 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.609114885 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.609328032 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.631385088 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.632287025 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.632445097 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.633204937 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.634614944 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.634762049 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.871299028 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.871354103 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.871561050 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.873125076 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.874057055 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.874085903 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.874166012 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.876183987 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.877036095 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.877170086 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.877217054 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.877288103 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.903373957 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.905126095 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.905313969 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.906150103 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.907145977 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.908160925 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.908188105 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.908986092 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.909080982 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:00.910187960 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.911225080 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:00.911365032 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.151484013 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.152084112 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.152223110 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.153179884 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.154345036 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.154441118 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.154459953 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.155195951 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.155296087 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.156110048 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.156152964 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.156263113 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.157125950 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.158260107 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.158355951 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.159276962 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.160231113 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.160372972 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.161329985 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.162158966 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.162269115 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.164163113 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.183243990 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.183427095 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.189752102 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.193167925 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193272114 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193295002 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.193315029 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193346024 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193383932 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193422079 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.193424940 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.193501949 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.195225000 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.195362091 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.197108984 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.197230101 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.199026108 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.199121952 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.200220108 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.200326920 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.202519894 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.202610016 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.204190016 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.205291986 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.223180056 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.223323107 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.225240946 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.225333929 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.227526903 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.227639914 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.229147911 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.229226112 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.431401968 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.431585073 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.432152987 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.432245970 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.433238983 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.433322906 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.435169935 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.435290098 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.436080933 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.436208963 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.437000036 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.437091112 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.438117981 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.439220905 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.439335108 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.440078974 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.440180063 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.441127062 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.441221952 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.442126989 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.442225933 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.443161011 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.443264008 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.444178104 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.444267988 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.464325905 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.464490891 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.466094017 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.466223001 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.467050076 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.467166901 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.469537020 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.470135927 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.470194101 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.470360041 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.472177029 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.472284079 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.473135948 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.473233938 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.474147081 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.474236012 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.476149082 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.476253986 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.477093935 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.477193117 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.479157925 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.479311943 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.480160952 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.480263948 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.482140064 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.482247114 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.483073950 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.483201027 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.503174067 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.503334999 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.505004883 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.505132914 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.506028891 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.506124973 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.508111000 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.508250952 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.509150982 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.509247065 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.511073112 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.512096882 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.512212992 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.513189077 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.515141010 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.515254021 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.517061949 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.518177986 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.518345118 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.520126104 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.522010088 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.522102118 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.523195982 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.543311119 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.543553114 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.545265913 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.546154976 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.546258926 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.548219919 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.549323082 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.549418926 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.551307917 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.553101063 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.553184032 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.555191994 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.557228088 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.557318926 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.558228970 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.609977007 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.719247103 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.720174074 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.720309019 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.721045971 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.721105099 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.721210003 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.722135067 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.723212004 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.723319054 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.724102974 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.724185944 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.724283934 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.725106001 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.726136923 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.726274967 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.743195057 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.744210005 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.744429111 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.745057106 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.759087086 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.759253025 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.760416985 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.762053967 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.762157917 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.763499022 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.783718109 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.783858061 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.784142017 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.786185026 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.786293983 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.787133932 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.789557934 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.789671898 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.790076971 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.792906046 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.793006897 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.793019056 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.795133114 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.795252085 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.796113014 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.797951937 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.798013926 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.799698114 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.801002979 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.801071882 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.802174091 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.806396961 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.806447983 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.823870897 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.826587915 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.826641083 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.827194929 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.829586983 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.829679966 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.830708027 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.832129002 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.832211018 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.833163023 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.836810112 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.836842060 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.836889029 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.838958025 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.839049101 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.840260983 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.841128111 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.841192961 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.843216896 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.844646931 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.844744921 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.864144087 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.866189957 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.866314888 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.867082119 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.871054888 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:01.871146917 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:01.999255896 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.000125885 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.000255108 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.001260996 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.001290083 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.001315117 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.001396894 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.003123999 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.003221035 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.004688978 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.005108118 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.005196095 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.006114006 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.006256104 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.006284952 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.006334066 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.024207115 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.024369001 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.026082993 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.027066946 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.027194023 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.029074907 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.030077934 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.030333996 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.032146931 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.033695936 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.033808947 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.035159111 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.037559986 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.037695885 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.038093090 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.040385962 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.040493011 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.071418047 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.074299097 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.074485064 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.074707031 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.076201916 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.076417923 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.077153921 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.078682899 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.078785896 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.080540895 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.081021070 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.081120014 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.083856106 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.103615046 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.103801966 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.105729103 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.106555939 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.106667995 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.108566999 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.109688044 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.109775066 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.112198114 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.113681078 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.113799095 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.114723921 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.116530895 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.116632938 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.117645979 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.118536949 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.118629932 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.120672941 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.121428013 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.121509075 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.123744011 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.124596119 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.124691963 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.144057989 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.145502090 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.145638943 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.146433115 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.148691893 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.148807049 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.149514914 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.189066887 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.271351099 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.271533012 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.287359953 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.287491083 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.288608074 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.288705111 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.289014101 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.289150953 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.290234089 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.290361881 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.291203022 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.291259050 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.291285038 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.291311979 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.291368961 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.304277897 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.304385900 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.305151939 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.305257082 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.307158947 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.307281971 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.308536053 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.308645010 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.310117006 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.310221910 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.311023951 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.311131001 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.313651085 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.313754082 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.314059973 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.314153910 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.315968990 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.316070080 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.317157984 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.317250967 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.318983078 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.319072962 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.320210934 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.320298910 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.322083950 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.322170973 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.323436975 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.323514938 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.343468904 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.343590021 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.344024897 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.344099045 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.346261978 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.346390009 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.348076105 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.348171949 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357470036 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.357512951 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.357538939 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.357542992 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357566118 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.357572079 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357582092 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357594013 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.357605934 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357639074 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.357973099 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.358040094 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.359097958 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.359275103 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.360996008 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.361192942 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.363101959 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.363209009 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.363998890 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.364078045 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.384128094 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.384247065 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.384968996 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.385062933 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.387644053 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.387769938 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.388019085 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.388092041 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.390202999 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.390300035 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.391232967 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.391323090 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.392946959 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.393018961 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.394069910 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.394140005 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.403250933 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.403302908 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.403345108 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.403358936 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.403392076 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.403399944 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.403439045 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.403490067 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.403520107 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.403996944 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.404114008 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.424259901 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.424442053 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.425188065 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.425280094 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.427246094 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.427314997 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.428092003 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.428155899 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.429975033 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.430059910 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.431206942 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.431308985 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.433567047 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.433629990 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.435162067 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.435236931 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452545881 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452605963 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452646017 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452655077 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452685118 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452696085 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452704906 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452724934 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452740908 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452768087 CEST160449753194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:02.452779055 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:02.452847958 CEST497531604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:06.206917048 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:06.444246054 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:06.444421053 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:06.461064100 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:06.719343901 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:06.719883919 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:06.990343094 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:06.993786097 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.284152031 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.284281015 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.325833082 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.326003075 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.326150894 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.326221943 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.326242924 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.326292038 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.326334000 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.326340914 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.564527035 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.600244045 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.601217031 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.601288080 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.602500916 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.602648020 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.602704048 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.603140116 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.604425907 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.604485989 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.605009079 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.605053902 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.605113029 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.865231991 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.866086960 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.866272926 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.867523909 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.869026899 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.869092941 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.870078087 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.871103048 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.871182919 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.872395039 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882555008 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882594109 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882623911 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882652998 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882653952 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.882677078 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882704020 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.882710934 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.882751942 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.884027004 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.884123087 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:07.904335976 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.906251907 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:07.906368017 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.120652914 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.121125937 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.121197939 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.122549057 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.122569084 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.122634888 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.144396067 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.145334005 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.145487070 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.146188974 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.147653103 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.147763014 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.148288012 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.153557062 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.153669119 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.154172897 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.155062914 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.155153990 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.156450033 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.157371998 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.157481909 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.159274101 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.160226107 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.160331011 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.161226988 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.162233114 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.162326097 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.164236069 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.165312052 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.165421009 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.185296059 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.186202049 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.186346054 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.188191891 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.189887047 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.190407038 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.190504074 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.192501068 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.192619085 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.193198919 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.193301916 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.195697069 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.195796013 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.205804110 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.205867052 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.205908060 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.205946922 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.205982924 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.205992937 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.206082106 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.392731905 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.392810106 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.392865896 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.392879963 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.392929077 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.392935991 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.392934084 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.392998934 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.393057108 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.393070936 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.393095016 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.393099070 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.393107891 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.393158913 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.393167973 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.393222094 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.400738955 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.400868893 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.402797937 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.402893066 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.403842926 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.403923035 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.404082060 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.404175043 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.424407959 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.424529076 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.426114082 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.426269054 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.428247929 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.428369999 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.429157019 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.429254055 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.431085110 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.431200027 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.432224989 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.432312965 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.441230059 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.441473007 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.441512108 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.441613913 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.445338964 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.445401907 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.445442915 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.445462942 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.445487022 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.445502043 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.445523977 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.445559978 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.464828968 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.465045929 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.466233015 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.466437101 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.468148947 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.468353033 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.471740961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.471878052 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.472054958 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.472141027 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.482247114 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.482362986 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.482409954 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.482429028 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.482458115 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.482506037 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.487231016 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.487365007 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.488255978 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.488315105 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.488357067 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.488359928 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.488445044 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.505752087 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.506000042 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.507559061 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.507756948 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.509113073 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.509310007 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.511241913 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.511353016 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.512635946 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.514198065 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.514305115 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.516247034 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.517184019 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.517286062 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.519187927 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.521166086 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.521276951 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.523140907 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.524163008 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.524282932 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.544240952 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.546236992 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.546571970 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.548332930 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.594887972 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.680238008 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.681869030 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.681951046 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.682508945 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.682544947 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.682631969 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.682796955 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.685333014 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.685455084 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.686250925 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.686297894 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.686347961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.686491966 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.686568975 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.686734915 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.704421043 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.706265926 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.706388950 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.707525015 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.709105968 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.709206104 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.718770027 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.718822002 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.718872070 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.718914986 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.722407103 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.722466946 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.722506046 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.722510099 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.722551107 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.722554922 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.724656105 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.725074053 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.725164890 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.746258020 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.746403933 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.747706890 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.749717951 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.749830008 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.751296997 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.752618074 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.752698898 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.754143953 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.756016016 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.756151915 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.757553101 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.759169102 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.759246111 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.761213064 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.763144016 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.763283014 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.764123917 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.784358978 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.784517050 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.786777020 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.788286924 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.788414955 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.789783001 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.793239117 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.793335915 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.795548916 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.797350883 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.797437906 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.798167944 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.800630093 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.800751925 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.802129984 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.804238081 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.804341078 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.805838108 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.825352907 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.825442076 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.827235937 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.864604950 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.864701986 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.944539070 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.945178032 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.945262909 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.954260111 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.955729961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.955774069 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.955800056 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.955811024 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.955851078 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.956105947 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.957778931 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.957863092 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.958858013 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.959171057 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.959237099 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.960786104 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.961164951 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.961252928 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.962738037 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.964132071 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.964193106 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:08.965626001 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.989274025 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:08.989397049 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.000956059 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001099110 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001121044 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001137018 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001153946 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001174927 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.001260042 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.001291037 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.032713890 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.033191919 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.033289909 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.035705090 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.036326885 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.036417961 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.045299053 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.046233892 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.046367884 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.046381950 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.046473980 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.046545982 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.050215960 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.050255060 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.050273895 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.050416946 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.065490961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.065623045 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.067890882 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.067955017 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.068028927 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.070048094 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.072624922 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.072705030 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.073112011 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.075020075 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.075130939 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.077697039 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.078066111 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.078140974 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.080204964 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.082576036 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.082690954 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.083081961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.085006952 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.085062981 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.105681896 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.106143951 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.106244087 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.108017921 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.109060049 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.109143972 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.113046885 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.157438040 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.189671040 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.193182945 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.193258047 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.194436073 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.194497108 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.232779026 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.232845068 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.232880116 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.232969999 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242726088 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242764950 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242790937 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242815018 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242814064 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242840052 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242841959 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242847919 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242862940 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242862940 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242883921 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242887020 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242911100 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242927074 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242934942 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.242938042 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242964983 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.242993116 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.243024111 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.272808075 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.272939920 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.273123980 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.273207903 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.275063038 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.275211096 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.276292086 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.276413918 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.285746098 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285784960 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285813093 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285839081 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285864115 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285866022 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.285888910 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.285923004 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.285932064 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.285938025 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.285942078 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.305293083 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.305491924 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.307612896 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.307739973 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.309151888 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.309489965 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.312572956 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.312731028 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.314291000 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.314414024 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.315100908 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.315212965 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.317667961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.317791939 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.318330050 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.318422079 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.320658922 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.320868015 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.321137905 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.321233988 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.323232889 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.323359013 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.324220896 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.324352980 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.344233036 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.344446898 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.346281052 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.346399069 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.347484112 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.347584963 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.348046064 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.348124981 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.350713968 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.350835085 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.351222992 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.351320028 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.353234053 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.353368998 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.354118109 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.354207039 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.356347084 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.356475115 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.357558966 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.357671976 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.359177113 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.359287024 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.360785961 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.360896111 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.362546921 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.362653017 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.363168001 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.363276958 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.365555048 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.365672112 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.384443998 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.384738922 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.386215925 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.386347055 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.387197971 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.387315035 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.389174938 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.389291048 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.390531063 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.390620947 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.392160892 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.392261028 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.393683910 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.393851042 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.395668030 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.395797014 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.396120071 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.396219969 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.398716927 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.398833990 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.399018049 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.399105072 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.401305914 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.401349068 CEST160449754194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:09.401416063 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:09.401473045 CEST497541604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:13.205562115 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:13.444307089 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:13.444509029 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:13.474005938 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:13.744411945 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:13.744693041 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:13.998473883 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:13.999397039 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.432790995 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.464835882 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.465389013 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.466521025 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.466681957 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.475321054 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.475795984 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.712476969 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.712568998 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.713310003 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.721560001 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.721616030 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.721707106 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.744554996 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.746767044 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.746876001 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.747662067 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.748688936 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.748979092 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.992979050 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.993696928 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.993789911 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.994246006 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.995704889 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.995754957 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.995790005 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.997399092 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.997451067 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.997488022 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:14.997540951 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:14.997554064 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.125622034 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126302958 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126324892 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126343966 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126363993 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126382113 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.126436949 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.126497030 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.131279945 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.131304979 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.131441116 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.280392885 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.282221079 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.282357931 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.282542944 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.282578945 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.282663107 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.284245014 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.284286022 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.284414053 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.285377979 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310672045 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310708046 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310734987 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310760021 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310786009 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310825109 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.310841084 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.310914040 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.319624901 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.319668055 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.319710016 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.319740057 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.319766045 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.392635107 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.394500017 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.394675970 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.395335913 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.405548096 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.405694008 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.406495094 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.406537056 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.406560898 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.406580925 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.406598091 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.406637907 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.406688929 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.425576925 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.425717115 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.427805901 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.429877996 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.429990053 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.431700945 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.433587074 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.433701038 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.435338974 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.437508106 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.437628031 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.439975023 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.486080885 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.545821905 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.546426058 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.546649933 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.547504902 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.549468040 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.549542904 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.551018953 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.551343918 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.551412106 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.552321911 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.553961039 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.554074049 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.554445982 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.555893898 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.555969000 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.556294918 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.559573889 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.559638023 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.559664011 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.561474085 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.561573982 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.562496901 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.564523935 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.564631939 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.585335016 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.594418049 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.594455004 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.594518900 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.596398115 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.596432924 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.596455097 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.596476078 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.596509933 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.596535921 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.598365068 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.598444939 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.600605011 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.602401018 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.602488041 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.905422926 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.913430929 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.913723946 CEST497551604192.168.2.3194.5.98.120
                                      Jun 9, 2021 06:03:15.915060997 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.922380924 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.922429085 CEST160449755194.5.98.120192.168.2.3
                                      Jun 9, 2021 06:03:15.922583103 CEST497551604192.168.2.3194.5.98.120

                                      Code Manipulations

                                      Statistics

                                      CPU Usage

                                      Click to jump to process

                                      Memory Usage

                                      Click to jump to process

                                      High Level Behavior Distribution

                                      Click to dive into process behavior distribution

                                      Behavior

                                      Click to jump to process

                                      System Behavior

                                      Analysis Process: #RFQ ORDER484475577797.exe PID: 4364 Parent PID: 5700

                                      General

                                      Start time:06:01:03
                                      Start date:09/06/2021
                                      Path:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      Wow64 process (32bit):true
                                      Commandline:'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'
                                      Imagebase:0x170000
                                      File size:800768 bytes
                                      MD5 hash:18E38261E8EA6AE0077C5448F809CCB6
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:.Net C# or VB.NET
                                      Yara matches:
                                      • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000000.00000002.234685013.0000000002611000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 00000000.00000002.237223638.0000000003611000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      Reputation:low

                                      Chronological Activities

                                      Analysis Process: powershell.exe PID: 5616 Parent PID: 4364

                                      General

                                      Start time:06:01:12
                                      Start date:09/06/2021
                                      Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      Wow64 process (32bit):true
                                      Commandline:'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\#RFQ ORDER484475577797.exe'
                                      Imagebase:0xf30000
                                      File size:430592 bytes
                                      MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:.Net C# or VB.NET
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: conhost.exe PID: 4884 Parent PID: 5616

                                      General

                                      Start time:06:01:12
                                      Start date:09/06/2021
                                      Path:C:\Windows\System32\conhost.exe
                                      Wow64 process (32bit):false
                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                      Imagebase:0x7ff6b2800000
                                      File size:625664 bytes
                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:C, C++ or other language
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: powershell.exe PID: 6052 Parent PID: 4364

                                      General

                                      Start time:06:01:13
                                      Start date:09/06/2021
                                      Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      Wow64 process (32bit):true
                                      Commandline:'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
                                      Imagebase:0xf30000
                                      File size:430592 bytes
                                      MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:.Net C# or VB.NET
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: conhost.exe PID: 5460 Parent PID: 6052

                                      General

                                      Start time:06:01:13
                                      Start date:09/06/2021
                                      Path:C:\Windows\System32\conhost.exe
                                      Wow64 process (32bit):false
                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                      Imagebase:0x7ff6741d0000
                                      File size:625664 bytes
                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:C, C++ or other language
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: schtasks.exe PID: 5728 Parent PID: 4364

                                      General

                                      Start time:06:01:13
                                      Start date:09/06/2021
                                      Path:C:\Windows\SysWOW64\schtasks.exe
                                      Wow64 process (32bit):true
                                      Commandline:'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\LNSXWuepjsOA' /XML 'C:\Users\user\AppData\Local\Temp\tmp5439.tmp'
                                      Imagebase:0x60000
                                      File size:185856 bytes
                                      MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:C, C++ or other language
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: conhost.exe PID: 5916 Parent PID: 5728

                                      General

                                      Start time:06:01:14
                                      Start date:09/06/2021
                                      Path:C:\Windows\System32\conhost.exe
                                      Wow64 process (32bit):false
                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                      Imagebase:0x7ff6b2800000
                                      File size:625664 bytes
                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:C, C++ or other language
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: powershell.exe PID: 3292 Parent PID: 4364

                                      General

                                      Start time:06:01:14
                                      Start date:09/06/2021
                                      Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      Wow64 process (32bit):true
                                      Commandline:'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\LNSXWuepjsOA.exe'
                                      Imagebase:0xf30000
                                      File size:430592 bytes
                                      MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:.Net C# or VB.NET
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: conhost.exe PID: 1968 Parent PID: 3292

                                      General

                                      Start time:06:01:15
                                      Start date:09/06/2021
                                      Path:C:\Windows\System32\conhost.exe
                                      Wow64 process (32bit):false
                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                      Imagebase:0x7ff6b2800000
                                      File size:625664 bytes
                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:C, C++ or other language
                                      Reputation:high

                                      Chronological Activities

                                      Analysis Process: #RFQ ORDER484475577797.exe PID: 1048 Parent PID: 4364

                                      General

                                      Start time:06:01:15
                                      Start date:09/06/2021
                                      Path:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      Wow64 process (32bit):true
                                      Commandline:C:\Users\user\Desktop\#RFQ ORDER484475577797.exe
                                      Imagebase:0x7f0000
                                      File size:800768 bytes
                                      MD5 hash:18E38261E8EA6AE0077C5448F809CCB6
                                      Has elevated privileges:true
                                      Has administrator privileges:true
                                      Programmed in:.Net C# or VB.NET
                                      Yara matches:
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.494989235.0000000006530000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.491944391.0000000004483000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.484331798.0000000002C1C000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495585675.00000000065F0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495585675.00000000065F0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000000.222827759.0000000000402000.00000040.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495314337.00000000065A0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495314337.00000000065A0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495206933.0000000006580000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495206933.0000000006580000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495261079.0000000006590000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495261079.0000000006590000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495369457.00000000065B0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495369457.00000000065B0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.483639790.0000000002BB1000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495737204.0000000006630000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495737204.0000000006630000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000000.223631637.0000000000402000.00000040.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495530552.00000000065E0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495530552.00000000065E0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495151540.0000000006570000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495151540.0000000006570000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.493841988.0000000005430000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.493841988.0000000005430000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.489457795.0000000003BF9000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.489186804.00000000030DC000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.467232540.0000000000402000.00000040.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495415659.00000000065C0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495415659.00000000065C0000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.494542186.0000000005E10000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.491386366.0000000004223000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.491745715.00000000043D6000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, Author: Joe Security
                                      • Rule: NanoCore, Description: unknown, Source: 0000000A.00000002.492065013.000000000456E000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
                                      • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000A.00000002.495101158.0000000006560000.00000004.00000001.sdmp, Author: Florian Roth
                                      • Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 0000000A.00000002.495101158.0000000006560000.00000004.00000001.sdmp, Author: Florian Roth
                                      Reputation:low

                                      Chronological Activities

                                      Disassembly

                                      Code Analysis

                                      Reset < >

                                        Analysis Process: #RFQ ORDER484475577797.exe PID: 4364 Parent PID: 5700 #RFQ ORDER484475577797.exeCOMMON

                                        Executed Functions

                                        Function 0E4511F0, Relevance: 3.9, Strings: 3, Instructions: 129COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: 8rJq$t:ot$m@
                                        • API String ID: 0-1238892477
                                        • Opcode ID: 2594a3bfc719e3d82a23542c14b65d7d562c75c9d17d682931d1f0fdb93c44bd
                                        • Instruction ID: 7063324e4eff9a3a88dea9caaa0ed743c9c119c29808118aa0389289f911ecd5
                                        • Opcode Fuzzy Hash: 2594a3bfc719e3d82a23542c14b65d7d562c75c9d17d682931d1f0fdb93c44bd
                                        • Instruction Fuzzy Hash: D1517D71E0A619CBCB54CF69D88079DFAB2FB89304F1095A7D419E7315EB389E818F00
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720C48, Relevance: 1.5, Strings: 1, Instructions: 219COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: =Ih
                                        • API String ID: 0-1239927671
                                        • Opcode ID: dfd3a6d70e6dfd7f03c955f3ec07fa106450cba6e9791ace48eb0c22a4808fbf
                                        • Instruction ID: 2f38fac99c988b93b2d9dc5b84da0d162e8eafe59e8829ef4b1f25323213de03
                                        • Opcode Fuzzy Hash: dfd3a6d70e6dfd7f03c955f3ec07fa106450cba6e9791ace48eb0c22a4808fbf
                                        • Instruction Fuzzy Hash: FC91D1B4E04619CFDB08CFEAC9849DEBBB2FB89300F14942AD515BB268D7749941CF64
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720C39, Relevance: 1.5, Strings: 1, Instructions: 218COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: =Ih
                                        • API String ID: 0-1239927671
                                        • Opcode ID: 16cb0462e1ae614ea251fd11365f60e05b83649072360dcfbc681c2199f06a64
                                        • Instruction ID: 770844fd250241bfb18831f025f7f7bce75cbe0c22a41e2767ad0376bfbaecbf
                                        • Opcode Fuzzy Hash: 16cb0462e1ae614ea251fd11365f60e05b83649072360dcfbc681c2199f06a64
                                        • Instruction Fuzzy Hash: 5591D2B4E04619CFDB08CFEAC9846DEBBB2FB89300F14942AD515BB258D7749942CF64
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08722C31, Relevance: .4, Instructions: 408COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: dd0097ab75b5b2d925eadcc09511b62c3ba85e8257810173468e964ef59845c0
                                        • Instruction ID: a044800bb9b8c7987c01bcd30719a6a0b29f3112c5faad8924374201e62d0ae1
                                        • Opcode Fuzzy Hash: dd0097ab75b5b2d925eadcc09511b62c3ba85e8257810173468e964ef59845c0
                                        • Instruction Fuzzy Hash: D5F1A570D2926ADFCB04CFA5C48449EFBB2FF45302B549659D415AB22BD334DA82CFA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E45D0B8, Relevance: .3, Instructions: 341COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 3fddb175bb1cd42f78f7675d1fc0f8e61c80d675ddde6950311795d6ec0f842b
                                        • Instruction ID: 5ac6541d499593aa5df6d16fc8c8670a6f4fbb3727038d9187b42d6c2378629e
                                        • Opcode Fuzzy Hash: 3fddb175bb1cd42f78f7675d1fc0f8e61c80d675ddde6950311795d6ec0f842b
                                        • Instruction Fuzzy Hash: E9D16D71E042098FCB14DFA9C484AAEFBF2EF48314F15851AE915AB356DB34ED46CB90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08722DA8, Relevance: .3, Instructions: 290COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: a9f167b977b733d65d820317fabe8b29b42bf96d2a84f15cf40c89e2bfe294e4
                                        • Instruction ID: 802f3b31c6d5812313a353637cf985ec10c57e8597a32f5b1fb6537ab406cecc
                                        • Opcode Fuzzy Hash: a9f167b977b733d65d820317fabe8b29b42bf96d2a84f15cf40c89e2bfe294e4
                                        • Instruction Fuzzy Hash: 57D12770E1521ADFCB04CF96C5848AEFBB2FF89301B148559D416AB369D734EA42CFA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E45AFA0, Relevance: .3, Instructions: 281COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 3c94ef14b829a1f83cf079ae66728d8e4fb5144b138f84dd69d5a800e7adfd24
                                        • Instruction ID: e1d3cbb1a003d4649f457d57ec37e0576e86171789f95f22e3d5b5ae74d8efce
                                        • Opcode Fuzzy Hash: 3c94ef14b829a1f83cf079ae66728d8e4fb5144b138f84dd69d5a800e7adfd24
                                        • Instruction Fuzzy Hash: CBB15A71E00209CFDB10CFA9C9857EEBBF2EF88744F14852AE815A7395EB749845CB91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E45B870, Relevance: .3, Instructions: 266COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0b37a0fc7e69b3c17f2f1009e1a35cf994545d69c718050dbc7461c2631bccf9
                                        • Instruction ID: 45d0cc27badac8e1ee65479496d736833d54c65e1cf6cb979988b6670bbb7f30
                                        • Opcode Fuzzy Hash: 0b37a0fc7e69b3c17f2f1009e1a35cf994545d69c718050dbc7461c2631bccf9
                                        • Instruction Fuzzy Hash: 4DB16C72E04209CFDB10CFA9C99579EBBF2EF88314F14812AD854AB795EB749C45CB81
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872F658, Relevance: .2, Instructions: 156COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 170303c1015f72615b0562b7fbdad42c2b374bbf23a64725484bb63f69ba15f0
                                        • Instruction ID: 6f7a6e827437bdf3c23b986d1462da6fcd970c60ff4d07e6a7a02694b02a6163
                                        • Opcode Fuzzy Hash: 170303c1015f72615b0562b7fbdad42c2b374bbf23a64725484bb63f69ba15f0
                                        • Instruction Fuzzy Hash: AD514F71E16229DBDB14CFA6D9805DDFBF2FF9E201F14A42AC406B7258DB3499018B28
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08721530, Relevance: .1, Instructions: 138COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 8c7a189bd5d41566e0bed7d86f1d7c47c77f087034e96bf1871b135290a31002
                                        • Instruction ID: c80b52eab1b016439d352fc83a06f841d44f3f333cddae0de7010629ab8c9854
                                        • Opcode Fuzzy Hash: 8c7a189bd5d41566e0bed7d86f1d7c47c77f087034e96bf1871b135290a31002
                                        • Instruction Fuzzy Hash: 8251E8B0D04619CFCB08CFAAC5446AEFBF2FF89201F14C16AD519A7254D7349A42CF64
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08721540, Relevance: .1, Instructions: 137COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0971431e980d8ad56f6c204e7ec9244e357b89e057989bd5ee04c63a4ac091de
                                        • Instruction ID: edbe6d9aa8e8727512b69129fd766531e518ae882d9b6f6341beaecc0fa5a34c
                                        • Opcode Fuzzy Hash: 0971431e980d8ad56f6c204e7ec9244e357b89e057989bd5ee04c63a4ac091de
                                        • Instruction Fuzzy Hash: F851E6B0E04219CFDB08CFAAC5445AEFBF2FF89201F14D16AD51AA7258D7349A41CFA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720011, Relevance: .1, Instructions: 93COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: a76060b7e30ee401b1fa720bf5f7b7059456583e4f06deeb2283cfb618b64c05
                                        • Instruction ID: 2ecdd5771c8055fa21e5707df6ebfc80a8863e7a77e4f57eda3ce1386612cc4d
                                        • Opcode Fuzzy Hash: a76060b7e30ee401b1fa720bf5f7b7059456583e4f06deeb2283cfb618b64c05
                                        • Instruction Fuzzy Hash: 02313D71E05658CFEB19CF6ACC5079EBBF3AFC9200F05C1AAD418AB259EB3449458F61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720040, Relevance: .1, Instructions: 79COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 155081073a1fd40728b1aa83cfa4f5c1459f90fd0822e3be93c1e69a6a272a85
                                        • Instruction ID: b39b0738b229cab72a4dbe2c5a082ede08b8fc42036ed43e5b210d38c3c2c495
                                        • Opcode Fuzzy Hash: 155081073a1fd40728b1aa83cfa4f5c1459f90fd0822e3be93c1e69a6a272a85
                                        • Instruction Fuzzy Hash: B531CA71E05618CBEB18CFABD85069EBAF3EBC8204F04C1AAD519A6254EB345A458F61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08721E60, Relevance: .1, Instructions: 68COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: f1bfe32e7477193c4754b08aa50c6a2a3fbbc151a01bb1dc9f89672e3b7467c5
                                        • Instruction ID: a0c8dea1d5e044e5f7029f52cad26dd88710d396620aa9e34d08914442b99d91
                                        • Opcode Fuzzy Hash: f1bfe32e7477193c4754b08aa50c6a2a3fbbc151a01bb1dc9f89672e3b7467c5
                                        • Instruction Fuzzy Hash: 8021C5B1E006188BEB18CF9AD8447DEFBF7AFC9310F14C16AD409A6258DB745A458F90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08721E50, Relevance: .1, Instructions: 64COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 4986e556a979d423cd8fa518c4b4df8e6bd98ea841fb1ef4f1352f73a8129350
                                        • Instruction ID: 35c89c964bdd1120efc57462938279698c6cdcdb28c2619dabe34a66aaab8e30
                                        • Opcode Fuzzy Hash: 4986e556a979d423cd8fa518c4b4df8e6bd98ea841fb1ef4f1352f73a8129350
                                        • Instruction Fuzzy Hash: 5221D6B0E006588BEB18CFABD84439EBBF3AFC9310F14C169D408AA258DB745946CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02496B88, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 124threadCOMMON
                                        Download Yara Rule
                                        APIs
                                        • GetCurrentProcess.KERNEL32 ref: 02496BF8
                                        • GetCurrentThread.KERNEL32 ref: 02496C35
                                        • GetCurrentProcess.KERNEL32 ref: 02496C72
                                        • GetCurrentThreadId.KERNEL32 ref: 02496CCB
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: Current$ProcessThread
                                        • String ID: H|g
                                        • API String ID: 2063062207-3516188523
                                        • Opcode ID: 39ecbd0f4d7ea43956633b1a810524f2f447d90173378ede6be06085906caa92
                                        • Instruction ID: bf6adf963e7aa8998df22f72923376ada0dbc2a723fbc6b06ccab793fca1b03e
                                        • Opcode Fuzzy Hash: 39ecbd0f4d7ea43956633b1a810524f2f447d90173378ede6be06085906caa92
                                        • Instruction Fuzzy Hash: 7A5155B4D006498FDB14CFA9DA48BEEBFF5EF88304F25845AE409A7261E7349844CB25
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02496B98, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120threadCOMMON
                                        Download Yara Rule
                                        APIs
                                        • GetCurrentProcess.KERNEL32 ref: 02496BF8
                                        • GetCurrentThread.KERNEL32 ref: 02496C35
                                        • GetCurrentProcess.KERNEL32 ref: 02496C72
                                        • GetCurrentThreadId.KERNEL32 ref: 02496CCB
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: Current$ProcessThread
                                        • String ID: H|g
                                        • API String ID: 2063062207-3516188523
                                        • Opcode ID: a01f8079af18662e4aaa818f0019fe22ae6cea2f84ee2c81acc0192477cff762
                                        • Instruction ID: d2941c8a27a091617b666f341e1694b7eb9d56a1e0384ff752e78f5616fb2b19
                                        • Opcode Fuzzy Hash: a01f8079af18662e4aaa818f0019fe22ae6cea2f84ee2c81acc0192477cff762
                                        • Instruction Fuzzy Hash: F15144B4D006498FDB14CFA9D648BEEBBF5FB88304F25845AE419A7350E734A844CB65
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02496D49, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 103COMMON
                                        Download Yara Rule
                                        APIs
                                        • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 02496E47
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: DuplicateHandle
                                        • String ID: H|g
                                        • API String ID: 3793708945-3516188523
                                        • Opcode ID: 94d76ef92ee94d70fbc0c127c2d75c10747425cd6fb74a88cab1c61944b173ee
                                        • Instruction ID: 6a5b6883a493f85eb5c9951f69275b946f6640bc5727b737938c7d9f47b84379
                                        • Opcode Fuzzy Hash: 94d76ef92ee94d70fbc0c127c2d75c10747425cd6fb74a88cab1c61944b173ee
                                        • Instruction Fuzzy Hash: E4414B76900248AFCF11CFA9D884AEEBFF9EF49320F19805AE944A7311D3359955DFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872D108, Relevance: 1.7, APIs: 1, Instructions: 243processCOMMON
                                        Download Yara Rule
                                        APIs
                                        • CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 0872D33E
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: CreateProcess
                                        • String ID:
                                        • API String ID: 963392458-0
                                        • Opcode ID: 85f0680050a0ba9fc651a2b6b5c455c544ea1bd9299cd584bdef2864ebf3cc84
                                        • Instruction ID: 999afff5cee7cedb865019885d6ad778a2cfd76328131a7d33ec8e0bb73d7bbd
                                        • Opcode Fuzzy Hash: 85f0680050a0ba9fc651a2b6b5c455c544ea1bd9299cd584bdef2864ebf3cc84
                                        • Instruction Fuzzy Hash: 0B915A71D0422DDFEB24CFA8C8407DEBBB2BB48315F158569E809A7244DB789985CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249BBB8, Relevance: 1.7, APIs: 1, Instructions: 202COMMON
                                        Download Yara Rule
                                        APIs
                                        • GetModuleHandleW.KERNELBASE(00000000), ref: 0249BE0E
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: HandleModule
                                        • String ID:
                                        • API String ID: 4139908857-0
                                        • Opcode ID: ae6922b6a7daa8f79addb90a1b85b799b9e2d3a735da3b312561f1268769bc54
                                        • Instruction ID: c8e72ef80b0e800d0e783745942af499b0eaa38c3d8104a0edb4ef27801f96fa
                                        • Opcode Fuzzy Hash: ae6922b6a7daa8f79addb90a1b85b799b9e2d3a735da3b312561f1268769bc54
                                        • Instruction Fuzzy Hash: 75812470A00B048FDB24CF2AD45176ABBF1FF88208F048A2ED49697B40DB35E846CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249DC6D, Relevance: 1.6, APIs: 1, Instructions: 115COMMON
                                        Download Yara Rule
                                        APIs
                                        • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0249DD8A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: CreateWindow
                                        • String ID:
                                        • API String ID: 716092398-0
                                        • Opcode ID: d3fadbdd137516ae648b2cc85ae2967023d37c25ab072c88744e624a7dd092a5
                                        • Instruction ID: 00f91c334fdaa80c2be18759b605a11353930af6f5b314dd5556094bd3f3ccea
                                        • Opcode Fuzzy Hash: d3fadbdd137516ae648b2cc85ae2967023d37c25ab072c88744e624a7dd092a5
                                        • Instruction Fuzzy Hash: 0151B1B1D10209DFDF14DFA9D884ADEBFB5BF88314F24822AE819AB210D7749945CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249DC78, Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                        Download Yara Rule
                                        APIs
                                        • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0249DD8A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: CreateWindow
                                        • String ID:
                                        • API String ID: 716092398-0
                                        • Opcode ID: fd1e684588894d9a83f34939cc6f97b01968c257da625aec325396484648be4a
                                        • Instruction ID: b0e7de8dd38f739a6077ac0d68aa2954038cd6f94ace83a18ecde26e26c5334f
                                        • Opcode Fuzzy Hash: fd1e684588894d9a83f34939cc6f97b01968c257da625aec325396484648be4a
                                        • Instruction Fuzzy Hash: 1741AFB1D10209DFDF14DF99D884ADEBFB5BF48314F24822AE819AB210D7749945CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E458974, Relevance: 1.6, APIs: 1, Instructions: 94libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryA.KERNELBASE(?), ref: 0E458A4A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: 052eeeb94fb9f297e8708083fc5beecfee6d44614a5c0b14a778ed8fb42dca28
                                        • Instruction ID: 35cff625e9ab18fd95a0a37ec4a4c04e742eceee6b926f4ca87321b7e73059dc
                                        • Opcode Fuzzy Hash: 052eeeb94fb9f297e8708083fc5beecfee6d44614a5c0b14a778ed8fb42dca28
                                        • Instruction Fuzzy Hash: C53155B1D10249DFDB18CFA9D884BDEBBF1EB08314F14852AE815AB741DB749885CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872F3C0, Relevance: 1.6, APIs: 1, Instructions: 93COMMON
                                        Download Yara Rule
                                        APIs
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: FindWindow
                                        • String ID:
                                        • API String ID: 134000473-0
                                        • Opcode ID: 6f0611987528ad14193ff7d033202b4b3bc8a00d243120826f9870a13b2443dc
                                        • Instruction ID: 798e52910f88fb93feaeae19ff3451fdc61802e220875f77cf61e574bb7315f7
                                        • Opcode Fuzzy Hash: 6f0611987528ad14193ff7d033202b4b3bc8a00d243120826f9870a13b2443dc
                                        • Instruction Fuzzy Hash: 74314AB0D10268CFDB20DFA9C984B9EBBF5BB48315F14812AD815B7344DBB49845CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E4557A4, Relevance: 1.6, APIs: 1, Instructions: 89libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryA.KERNELBASE(?), ref: 0E458A4A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: 5d4818aa56ccbd28e6f0891e838455e20c513e06407ba803d252a0d9a7a43280
                                        • Instruction ID: d387afd8cea939e17b9fe98559ad8619d158e13176b184c64f659ddde272b4fc
                                        • Opcode Fuzzy Hash: 5d4818aa56ccbd28e6f0891e838455e20c513e06407ba803d252a0d9a7a43280
                                        • Instruction Fuzzy Hash: 493155B2D10249CFDB18CFA9D88479EBBF1FB08314F14852AE815AB781DB749885CF95
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872CE80, Relevance: 1.6, APIs: 1, Instructions: 69injectionCOMMON
                                        Download Yara Rule
                                        APIs
                                        • WriteProcessMemory.KERNELBASE(?,?,00000000,?,?), ref: 0872CF10
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: MemoryProcessWrite
                                        • String ID:
                                        • API String ID: 3559483778-0
                                        • Opcode ID: 13173258261c0c78f8c288fdc6c3375ea5af169f15d350827ec3ac2536e50885
                                        • Instruction ID: 0140f4f0b085da6120da69e879da907a0a83c0e673035a328a3e57e9f9a8ea6d
                                        • Opcode Fuzzy Hash: 13173258261c0c78f8c288fdc6c3375ea5af169f15d350827ec3ac2536e50885
                                        • Instruction Fuzzy Hash: 73211572904359DFCB10CFA9C8847DEBBF5FB88314F14842AE918A7240D7789954CBA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02496DB8, Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                        Download Yara Rule
                                        APIs
                                        • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 02496E47
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: DuplicateHandle
                                        • String ID:
                                        • API String ID: 3793708945-0
                                        • Opcode ID: 76bfd4e843ab3d723aadfa43fe822894e11604b6ad2e8f1e3195720736393a30
                                        • Instruction ID: 17c268ff856b3ad7b92ff768b4ba46976640451205ac585f9b1e856a57f5d7c2
                                        • Opcode Fuzzy Hash: 76bfd4e843ab3d723aadfa43fe822894e11604b6ad2e8f1e3195720736393a30
                                        • Instruction Fuzzy Hash: 532113B19002489FCB10CFAAD484AEEBFF8EF48324F14801AE954A7310D334A944CF60
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872C018, Relevance: 1.6, APIs: 1, Instructions: 63threadinjectionCOMMON
                                        Download Yara Rule
                                        APIs
                                        • SetThreadContext.KERNELBASE(?,00000000), ref: 0872C096
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: ContextThread
                                        • String ID:
                                        • API String ID: 1591575202-0
                                        • Opcode ID: e47399d2e069b490ad3d813272e22491409d6f2597108c184aee89024567bd04
                                        • Instruction ID: 771b909d85d287527135c6f9def29648786cdba37efb40bf14ca548cc3dc397c
                                        • Opcode Fuzzy Hash: e47399d2e069b490ad3d813272e22491409d6f2597108c184aee89024567bd04
                                        • Instruction Fuzzy Hash: 8C213771D043088FDB10DFAAC8847EEBBF4AF98324F15842AD519A7240DB78A944CFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872CF70, Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                        Download Yara Rule
                                        APIs
                                        • ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 0872CFF0
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: MemoryProcessRead
                                        • String ID:
                                        • API String ID: 1726664587-0
                                        • Opcode ID: bc3e2f013a4a93e677dcc3e238abd797d4065fb37b438323f376d38e7626f6e4
                                        • Instruction ID: 047cf9487037fa5bcb6a58be7250e3260caa4f515340a46c2d7c19a08a9a5b21
                                        • Opcode Fuzzy Hash: bc3e2f013a4a93e677dcc3e238abd797d4065fb37b438323f376d38e7626f6e4
                                        • Instruction Fuzzy Hash: CF211671D043599FCB10CFAAC8847EEBBB5FF48314F55842AE519A7250D7389954CBA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02496DC0, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                        Download Yara Rule
                                        APIs
                                        • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 02496E47
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: DuplicateHandle
                                        • String ID:
                                        • API String ID: 3793708945-0
                                        • Opcode ID: bb3755c62c8fd543db8c541e90299940d4ab9f3e246c5c680d54b62c252a6024
                                        • Instruction ID: e0eb48775cfa9f30aa763ca354db90f47c7c2db14700e2fb44e8afae3140624c
                                        • Opcode Fuzzy Hash: bb3755c62c8fd543db8c541e90299940d4ab9f3e246c5c680d54b62c252a6024
                                        • Instruction Fuzzy Hash: 6B21E3B5D002089FDF10CFAAD984ADEBBF8EB48324F14841AE914A7310D374A954CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08728788, Relevance: 1.6, APIs: 1, Instructions: 61memoryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • VirtualProtect.KERNELBASE(?,?,?,?), ref: 08728803
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: ProtectVirtual
                                        • String ID:
                                        • API String ID: 544645111-0
                                        • Opcode ID: a72f96a62dad7381c575ab043aafb8ac75ea09c0470612f863aa64fd7b8dcdd8
                                        • Instruction ID: 738615a48a75547fcba9fb2dd72b400b89cdde36a8ae728151d5b190e8740fd2
                                        • Opcode Fuzzy Hash: a72f96a62dad7381c575ab043aafb8ac75ea09c0470612f863aa64fd7b8dcdd8
                                        • Instruction Fuzzy Hash: 0C2113B1900249DFDB10CF9AD984BDEBBF8EB48324F14842AE558A7250D378A645CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249B0B0, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0249BE89,00000800,00000000,00000000), ref: 0249C09A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: abdefec09b6284b0b916e31502d589d967dfe19cfee96bc4ad385b40ddd4eef8
                                        • Instruction ID: 36c0309241eea515e673da05f93aa2f3c73882506e0bb7fff0dfba74a8adfd9b
                                        • Opcode Fuzzy Hash: abdefec09b6284b0b916e31502d589d967dfe19cfee96bc4ad385b40ddd4eef8
                                        • Instruction Fuzzy Hash: A01106B2D042089FCB10CF9AD484BDEBBF4AB88314F14842AD519B7200C375A545CFA5
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08728790, Relevance: 1.6, APIs: 1, Instructions: 55memoryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • VirtualProtect.KERNELBASE(?,?,?,?), ref: 08728803
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: ProtectVirtual
                                        • String ID:
                                        • API String ID: 544645111-0
                                        • Opcode ID: 4f9c7b5a91c1a8bb30cba8ae188ce029bc05eb6df5db7ba92eafae8f57555103
                                        • Instruction ID: e490f9732c2aa417b2939d37932f8ad63585bfa359a439d081092b2bad98b8d5
                                        • Opcode Fuzzy Hash: 4f9c7b5a91c1a8bb30cba8ae188ce029bc05eb6df5db7ba92eafae8f57555103
                                        • Instruction Fuzzy Hash: B02103B1D00209DFCB10CF9AC984BDEBBF8EB48324F14802AE958A7250D378A544CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249C028, Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0249BE89,00000800,00000000,00000000), ref: 0249C09A
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: cf4118cad22de2b0a295283cce2013c5f80a21af6bd04c4518a3a97bea1a9bd5
                                        • Instruction ID: 134da0be7fe7a0848ab541b2239e92ef862074f22ca1a7141c7305b0b81cd775
                                        • Opcode Fuzzy Hash: cf4118cad22de2b0a295283cce2013c5f80a21af6bd04c4518a3a97bea1a9bd5
                                        • Instruction Fuzzy Hash: 4E1106B2D002098FCB10CFAAD484BDEFBF4AB88314F14852AD555B7600C375A549CFA5
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872C730, Relevance: 1.6, APIs: 1, Instructions: 53memoryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 0872C79E
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: AllocVirtual
                                        • String ID:
                                        • API String ID: 4275171209-0
                                        • Opcode ID: 1de57d4edde4711c9083c783481795895a99455eb81880fc76918c194f06b393
                                        • Instruction ID: 79ffbc89ba249f4444bcb2abf604af36de03f9fe7e1c7d2cc2e60d93a68012b6
                                        • Opcode Fuzzy Hash: 1de57d4edde4711c9083c783481795895a99455eb81880fc76918c194f06b393
                                        • Instruction Fuzzy Hash: 63113772904248DFCB10DFAAC8447DFBBF5AF98324F19842AD519A7250C775A954CFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872BF68, Relevance: 1.5, APIs: 1, Instructions: 49threadCOMMON
                                        Download Yara Rule
                                        APIs
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID: ResumeThread
                                        • String ID:
                                        • API String ID: 947044025-0
                                        • Opcode ID: b28bb250fa3e7de2c944021308601526e3d84255d825024ee0f50e5f83db12c1
                                        • Instruction ID: 5f33d79ccebd1008137edcc0379d422fda7d5db93eab5621c84da7948b453d5a
                                        • Opcode Fuzzy Hash: b28bb250fa3e7de2c944021308601526e3d84255d825024ee0f50e5f83db12c1
                                        • Instruction Fuzzy Hash: 2E116A71D04348CBCB10DFAAC4447EEFBF8AF88224F158429C519A7740C734A944CFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249BDA8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                        Download Yara Rule
                                        APIs
                                        • GetModuleHandleW.KERNELBASE(00000000), ref: 0249BE0E
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: HandleModule
                                        • String ID:
                                        • API String ID: 4139908857-0
                                        • Opcode ID: 6f242ac8c5195ca1c51492f81dea7c9f30a2f375da5eced7677e2729b3fd7989
                                        • Instruction ID: 69bdc4f1f79c38b5a9c2d3654b768c94734924c1f382dd5aaeecae7b9b268f3e
                                        • Opcode Fuzzy Hash: 6f242ac8c5195ca1c51492f81dea7c9f30a2f375da5eced7677e2729b3fd7989
                                        • Instruction Fuzzy Hash: 50110FB2D002498FCB10CF9AD444BDFFBF8EB88228F14842AD919A7300D378A545CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249DEB9, Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                                        Download Yara Rule
                                        APIs
                                        • SetWindowLongW.USER32(?,?,?), ref: 0249DF1D
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: LongWindow
                                        • String ID:
                                        • API String ID: 1378638983-0
                                        • Opcode ID: b5470872a795a5b45d9f6dd286597dce92dcd538c892ef127fe424601327cfe7
                                        • Instruction ID: deebf7472500a9a01bfc5b5e7501fdc70082bdca93db79ea28a8239b859e0802
                                        • Opcode Fuzzy Hash: b5470872a795a5b45d9f6dd286597dce92dcd538c892ef127fe424601327cfe7
                                        • Instruction Fuzzy Hash: 431122B1900208CFDB10DF99D585BDEBBF8EB88324F14841AE919A7700C374A944CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249DEC0, Relevance: 1.5, APIs: 1, Instructions: 44COMMON
                                        Download Yara Rule
                                        APIs
                                        • SetWindowLongW.USER32(?,?,?), ref: 0249DF1D
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID: LongWindow
                                        • String ID:
                                        • API String ID: 1378638983-0
                                        • Opcode ID: da6b76438b2132c25ed74195cdd45ef5a1b4cb1aad4cce63d2389b4f420627ae
                                        • Instruction ID: 30bc543685c1dfd6035a4c2fa9809275311da7755c7dc805be4b9d3a5bd62ef3
                                        • Opcode Fuzzy Hash: da6b76438b2132c25ed74195cdd45ef5a1b4cb1aad4cce63d2389b4f420627ae
                                        • Instruction Fuzzy Hash: 341100B5900209CFDB10DF9AD589BDEBBF8EB88324F14841AE959A7300D374A944CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00AFD4D8, Relevance: .1, Instructions: 75COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233042198.0000000000AFD000.00000040.00000001.sdmp, Offset: 00AFD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b3acaa569f4dda236a06dd6f0eaef13e2023d2229f871e550bb0eef33fa1dce2
                                        • Instruction ID: 7d1acd1a009c3cc4ab263d214f8c7b8545b33b3cccac148d9abaddca1eecea37
                                        • Opcode Fuzzy Hash: b3acaa569f4dda236a06dd6f0eaef13e2023d2229f871e550bb0eef33fa1dce2
                                        • Instruction Fuzzy Hash: 08213A71504248DFCB02CF90D9C0B36BBB6FB98328F248569FA054B256C336D855C7A2
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00B0D01C, Relevance: .1, Instructions: 72COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233149165.0000000000B0D000.00000040.00000001.sdmp, Offset: 00B0D000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 7df66656ff655d28c54cfdd0900492202e91e1bfd291a86df8f8994c5de41ae9
                                        • Instruction ID: f3259a5bff8fdf46ec674c5995ded028fcaa471100bd0e98271064f78e4c9276
                                        • Opcode Fuzzy Hash: 7df66656ff655d28c54cfdd0900492202e91e1bfd291a86df8f8994c5de41ae9
                                        • Instruction Fuzzy Hash: 3B2122B1608244DFCB10CF50D9D0B26BFA5FB88324F24C5A9E80E4B2C6D336D846CA61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00B0D006, Relevance: .1, Instructions: 63COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233149165.0000000000B0D000.00000040.00000001.sdmp, Offset: 00B0D000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: afad3c16e6040b2dbc4d5b73750ff23b143c3c72715083f2385b07919fba4ac4
                                        • Instruction ID: 80e7c0c5a7cf9c82be0e26baf0790e784fb9037e2b7b68f0d9922e8ad474065a
                                        • Opcode Fuzzy Hash: afad3c16e6040b2dbc4d5b73750ff23b143c3c72715083f2385b07919fba4ac4
                                        • Instruction Fuzzy Hash: 222192755083809FCB02CF14D994B11BFB1EB46324F28C5EAD8498F2A7D33A9856CB62
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00AFD4D3, Relevance: .1, Instructions: 56COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233042198.0000000000AFD000.00000040.00000001.sdmp, Offset: 00AFD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: deac191434135470ec4011e3758ba82af0038852f0979ee31e94792e76cfbc84
                                        • Instruction ID: 64952bb2c8f9a44ea53611adf48d7668d346a12848096150b6f43d0839c148e9
                                        • Opcode Fuzzy Hash: deac191434135470ec4011e3758ba82af0038852f0979ee31e94792e76cfbc84
                                        • Instruction Fuzzy Hash: 3A11E676404284CFCF12CF50D5C4B26BF72FB94324F28C6A9E9050B656C33AD856CBA2
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00AFD799, Relevance: .0, Instructions: 45COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233042198.0000000000AFD000.00000040.00000001.sdmp, Offset: 00AFD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0aedd00d50152f2670b50828838693f39dc52825da86caded5dfe6bc200ce2c4
                                        • Instruction ID: 5445061f6ed3513d707940a348c52bdbb256a5e65c9d8ab271ae4214f9f883fc
                                        • Opcode Fuzzy Hash: 0aedd00d50152f2670b50828838693f39dc52825da86caded5dfe6bc200ce2c4
                                        • Instruction Fuzzy Hash: 9401F2714083889AE7229B56CC84B72FBECEF81368F18805AFF045E286D379D844C6B1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00AFD798, Relevance: .0, Instructions: 36COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233042198.0000000000AFD000.00000040.00000001.sdmp, Offset: 00AFD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: bf6553e941a0a46f2c46ce67365093b4fa8f693469aa0f9552e51a5be8d1a08d
                                        • Instruction ID: 53e9885bd1e4ba8fcd2e97171bda8ea99610f6974d3368199e5e4efdde154bd8
                                        • Opcode Fuzzy Hash: bf6553e941a0a46f2c46ce67365093b4fa8f693469aa0f9552e51a5be8d1a08d
                                        • Instruction Fuzzy Hash: 50F062714042889AE7218B56DC84B72FFACEB91774F18C45AEE085F296D3799844CAB1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Non-executed Functions

                                        Function 08725088, Relevance: 2.7, Strings: 2, Instructions: 179COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: f{ d$f{ d
                                        • API String ID: 0-3378590431
                                        • Opcode ID: 92e6c9f59a86577d6344ae27bc7851a2888dd198135591271a567cffbb6b43c8
                                        • Instruction ID: f036df1a7578ffce338a036f994a2ac96ec7174dfc36f0c649041fb21a1a4cce
                                        • Opcode Fuzzy Hash: 92e6c9f59a86577d6344ae27bc7851a2888dd198135591271a567cffbb6b43c8
                                        • Instruction Fuzzy Hash: 3F71E375E1525ACFCB44CFA9C9809DEFBF2FF89321F24942AD415BB218D3349A418B64
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872A128, Relevance: 1.5, Strings: 1, Instructions: 270COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: Tq!
                                        • API String ID: 0-3268860228
                                        • Opcode ID: 82e21cea3f228aef581bf479721d4eb2a9684d19df8012e409fb804f3c9b9780
                                        • Instruction ID: 790aa6ff41fbdc9282fc6657ccb4097c04f772fcb8710163467572fc9d7ef52a
                                        • Opcode Fuzzy Hash: 82e21cea3f228aef581bf479721d4eb2a9684d19df8012e409fb804f3c9b9780
                                        • Instruction Fuzzy Hash: 21B14574E09229DFCB04CFA9C9809DEFBF2FF89311F14912AD405AB359E73499428B65
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08723890, Relevance: 1.4, Strings: 1, Instructions: 119COMMON
                                        Download Yara Rule
                                        Strings
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID: SuU
                                        • API String ID: 0-1350734003
                                        • Opcode ID: 20a40f5765ae95b860abb5c4ca6a150cabb4bbdc7c0c848e6de0aeaa06a29093
                                        • Instruction ID: feaa1ddc10e8490d95aef370d102c2621aed93c631141337cef23a0edefb9eb6
                                        • Opcode Fuzzy Hash: 20a40f5765ae95b860abb5c4ca6a150cabb4bbdc7c0c848e6de0aeaa06a29093
                                        • Instruction Fuzzy Hash: C34140B0E0521ADFCB04CFA5C5805AEFBB2FB95305F14D5AAC515AB318D7389A42CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0249C2B0, Relevance: .5, Instructions: 522COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 644f76e95534673d37d9c7cd254b1e2db2bfaf6faa5f453fec877e5da4f71e18
                                        • Instruction ID: 13eb4415891afbf0f638c3502d88f58e1051c7827e9f5156211a08c787984739
                                        • Opcode Fuzzy Hash: 644f76e95534673d37d9c7cd254b1e2db2bfaf6faa5f453fec877e5da4f71e18
                                        • Instruction Fuzzy Hash: 41527DF1980706CFDB1ACF14E8C8299BBB1FB4A318FD04A19D1616BAD0D3B4656ACF44
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08728388, Relevance: .4, Instructions: 436COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 7daa390a007bb6ba35a205b8089588f2927a4d806fcc7fc1fc8edc0a4bedeac9
                                        • Instruction ID: 4f16ee7cee1b32c2cdde412706793a2eb8f49aaeaa2922ef0c615a68e5a78e8c
                                        • Opcode Fuzzy Hash: 7daa390a007bb6ba35a205b8089588f2927a4d806fcc7fc1fc8edc0a4bedeac9
                                        • Instruction Fuzzy Hash: 2AE1D22080A2F1CEDB1ACB3EC449245BFA1AA13163B1895FED0945F22FC1339556D7BB
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02499970, Relevance: .3, Instructions: 265COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.233693928.0000000002490000.00000040.00000001.sdmp, Offset: 02490000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: bb781a728ba8b1beb667fcc7f63eb9d36cfa9a43bbace46790e84d958ea462de
                                        • Instruction ID: 88e03d249e38ecf689982b004b2883fd84636d6667381039d5fb2a3a39883b02
                                        • Opcode Fuzzy Hash: bb781a728ba8b1beb667fcc7f63eb9d36cfa9a43bbace46790e84d958ea462de
                                        • Instruction Fuzzy Hash: FFA19C32E006198FCF15DFA5D8445DEBBB2FF89308B15856AE906BB224EB71A915CF40
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720F78, Relevance: .2, Instructions: 246COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 79fa57ce1b421b7139293fddb040d5033755a53d8f8481729532cea2d3e0c202
                                        • Instruction ID: 3400d98604c426e2750bb925c0a95aaddfed68123506805025ecf2aa7bbabbd2
                                        • Opcode Fuzzy Hash: 79fa57ce1b421b7139293fddb040d5033755a53d8f8481729532cea2d3e0c202
                                        • Instruction Fuzzy Hash: A4B11674E0421ECFDB44DFA5C88099EBBB2FF89300F508629E515AB759DB30A946CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08720F6A, Relevance: .2, Instructions: 246COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: d8092ebb6408c05f7b8e06e47dd2e2b48eda9a7f18fc7e6124472c3009ccc2a3
                                        • Instruction ID: d7c851a6d2436fc22d5b78dc6c86b1c40163048bd0e5405e0b38b0e24e8927e1
                                        • Opcode Fuzzy Hash: d8092ebb6408c05f7b8e06e47dd2e2b48eda9a7f18fc7e6124472c3009ccc2a3
                                        • Instruction Fuzzy Hash: BDB12774E0421ECFDB44DFA5D88099EBBB2FF89300F508629E514AB759DB30A946CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0E45AC58, Relevance: .2, Instructions: 238COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.255102887.000000000E450000.00000040.00000001.sdmp, Offset: 0E450000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 998d7ba94e50fa22f35274673fbe664d494c579ba57fb986fcd9eaaaa3a73460
                                        • Instruction ID: 0d02e6d2da9e40b0d8b8891cb2be6eb48f5b56c6c894d3d37df2709ad802dcc7
                                        • Opcode Fuzzy Hash: 998d7ba94e50fa22f35274673fbe664d494c579ba57fb986fcd9eaaaa3a73460
                                        • Instruction Fuzzy Hash: E4916D72E00209CFDB10CFA9C9857DEBBF2AF88304F14862AE815A7355DB749C85DB81
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08725078, Relevance: .2, Instructions: 178COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 1a3c2d1ce51cbef80082ebd2eaec73292b4a84bbd3e59434def27c5ea25337f3
                                        • Instruction ID: 8929fa22e0c17268a51f6b01c8ca377bbfe67cf924b5bde28fafa8d199219dff
                                        • Opcode Fuzzy Hash: 1a3c2d1ce51cbef80082ebd2eaec73292b4a84bbd3e59434def27c5ea25337f3
                                        • Instruction Fuzzy Hash: 4171F475E1521ACFCB44CFA9C9805DEFBF2FF8D221F24942AD415B7228D3349A418B64
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08723C90, Relevance: .2, Instructions: 170COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 2eb22c55ce8b02889b891e162b09a530e857ad9e890a9fc976c82968200d0544
                                        • Instruction ID: 089adf3d2c50311f67fca1f5e528c636d4cc5bb82ee2f84aa4bd9d6e2ad4282a
                                        • Opcode Fuzzy Hash: 2eb22c55ce8b02889b891e162b09a530e857ad9e890a9fc976c82968200d0544
                                        • Instruction Fuzzy Hash: 60710274E14219DFCB08CFAAD48499EFBF2FF88250F14855AE415AB324D738AA41CF50
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872A638, Relevance: .2, Instructions: 168COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 37204c264ea056a738424066984ac44a7af64528f773ca6cc041031c79c95ef0
                                        • Instruction ID: 49f965bf85fd100c79c1a1751c02ccee64774354c1cfb473ef6eb31c6fbb914c
                                        • Opcode Fuzzy Hash: 37204c264ea056a738424066984ac44a7af64528f773ca6cc041031c79c95ef0
                                        • Instruction Fuzzy Hash: 4A615971E0522ACFCB04CFAAD4856AEFBF2EF89311F14C429D515A7319E7349A418FA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087247E0, Relevance: .2, Instructions: 162COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 55b35529b3783aef2f5403cca931cfe1d56dc897c4627f177b181ae4432c9651
                                        • Instruction ID: ee94d4e2079d227acd6f2d82802698a4e088f78df8b332f7af2b941993e8f7fe
                                        • Opcode Fuzzy Hash: 55b35529b3783aef2f5403cca931cfe1d56dc897c4627f177b181ae4432c9651
                                        • Instruction Fuzzy Hash: 7471F1B4D1525ADFCB04CF99D5809AEFBB2FF48311F14951AD515AB309D330A942CFA8
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087247D1, Relevance: .2, Instructions: 157COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 2c5847b8cf68f42b1e64c8c06395d5287480903e374ebee226b39a265541b5b4
                                        • Instruction ID: cad41079204876dfe5063b18baf0211f4bd0f9340c4c7d7cc1a202fdc132c901
                                        • Opcode Fuzzy Hash: 2c5847b8cf68f42b1e64c8c06395d5287480903e374ebee226b39a265541b5b4
                                        • Instruction Fuzzy Hash: 4861F174E1429ADFCB04CF99D4809AEFBF2FF48311F14951AD515A7209D334A942CFA8
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087260E8, Relevance: .1, Instructions: 124COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: ac6bd154bfa0b8679931552a13ef2856133b69f9214d9bd685620306fb9bdc1d
                                        • Instruction ID: 06cb992418fc126380b0f66c2d1a0d7034ae8593f76c429e498d556669540185
                                        • Opcode Fuzzy Hash: ac6bd154bfa0b8679931552a13ef2856133b69f9214d9bd685620306fb9bdc1d
                                        • Instruction Fuzzy Hash: B8514C71E05618CBEB58CF6B8D4469EFBF7AFC8201F14C1BA950CA6225EB3019858F51
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087260E2, Relevance: .1, Instructions: 115COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 1492702dfee565ac55a16c35a0498ed65d257c72c0f21a66d0531382fee365ad
                                        • Instruction ID: 6cba0e5350512b433e4e51dc8a40d7503388ce342227b16ea23077fb3612f136
                                        • Opcode Fuzzy Hash: 1492702dfee565ac55a16c35a0498ed65d257c72c0f21a66d0531382fee365ad
                                        • Instruction Fuzzy Hash: 01513C71E016588BEB58CF6BCD4469EFBF3AFC9300F14C1BA950CA6224EB3419868F51
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08725328, Relevance: .1, Instructions: 115COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 10103b02c7b25e812d83856e7d0ac3214228d1045e346ecd2565b65af1ed6629
                                        • Instruction ID: df4d40204498270a39db44c59eecb5256561d3a6a13cc9ff2ffa5e8a4a9cc8a7
                                        • Opcode Fuzzy Hash: 10103b02c7b25e812d83856e7d0ac3214228d1045e346ecd2565b65af1ed6629
                                        • Instruction Fuzzy Hash: 45411A74E0521ACFCB48CFA6C5855AEFBF2BF88311F24D469C509B7258E3349A41CBA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08725338, Relevance: .1, Instructions: 114COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: aa33caa0f9a892f5608cda4052da9c2017576367482f9a40252199621a69deaa
                                        • Instruction ID: 691ad15647c573c9d10e4ba68ff3ad71fa659f233568e0048580828ea96efa01
                                        • Opcode Fuzzy Hash: aa33caa0f9a892f5608cda4052da9c2017576367482f9a40252199621a69deaa
                                        • Instruction Fuzzy Hash: 93410A74E0521ACFCB48CFA6C5844AEFBF2BF88211F24D569C509B7219E3309A41CBA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08723220, Relevance: .1, Instructions: 108COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 48ce801eeadf5a648bacd33c4e0d81042f550c3804f1c349c6a5a3605084c087
                                        • Instruction ID: b34d5df3652d5aeae4d46d228697dee4dd2fd09f346b15f864fc04828eba21e8
                                        • Opcode Fuzzy Hash: 48ce801eeadf5a648bacd33c4e0d81042f550c3804f1c349c6a5a3605084c087
                                        • Instruction Fuzzy Hash: 48411674E0421ACBCB48CFA9C8805AEBBF2FF89311F14952AD415A7324D7389A42CB61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08724E68, Relevance: .1, Instructions: 107COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: d2a57cd84a9987563ce89a18f4ed10606060d043e3f2c7b5c3190e37d3b2e4a3
                                        • Instruction ID: 73c413ce034a4d78668a63930048928dd17d7f0e915956f4ebbb5f14dddd1f74
                                        • Opcode Fuzzy Hash: d2a57cd84a9987563ce89a18f4ed10606060d043e3f2c7b5c3190e37d3b2e4a3
                                        • Instruction Fuzzy Hash: C441DA70D0461ADFDB48CFAAC5815AEFBF2FB88301F24D569C415A7358E7349A418FA8
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08724E59, Relevance: .1, Instructions: 107COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: a081b87c28b4f9293fa102d13e7a3cbd66fe9a1022f5329bcca9cd95a5c94bab
                                        • Instruction ID: 35066dacda1fd2ef9a7a07bd8e12fd10176a1cfd71fba67684a46ccc1ad8c88a
                                        • Opcode Fuzzy Hash: a081b87c28b4f9293fa102d13e7a3cbd66fe9a1022f5329bcca9cd95a5c94bab
                                        • Instruction Fuzzy Hash: EE410870E0465ADFDB48CFAAC4815AEFBF2FB88300F24C569C415A7358E33496418FA4
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872C0F0, Relevance: .1, Instructions: 87COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 2ebf57f3c56be5a51b15713017c8b17b6ca4882b073563f73f73d99fa84860e8
                                        • Instruction ID: d609d94689660d410338ed2545fbd098c9537588fa96a537aafa4e5162fda37d
                                        • Opcode Fuzzy Hash: 2ebf57f3c56be5a51b15713017c8b17b6ca4882b073563f73f73d99fa84860e8
                                        • Instruction Fuzzy Hash: 48312A70E15629DFDB18CFAAD841A9EFBF2FFC9210F14C16AD508A7214D7305A41CB61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872C7F0, Relevance: .1, Instructions: 81COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 57002363fd9a82dfb70742e957090903249246440a6282c10543a29fc8c81f2a
                                        • Instruction ID: 8c5c97283e0cdbd9fa5c87d582b131b128632ce32d2df9983c6e9588f87fad7d
                                        • Opcode Fuzzy Hash: 57002363fd9a82dfb70742e957090903249246440a6282c10543a29fc8c81f2a
                                        • Instruction Fuzzy Hash: 25315E71E15219DFDB48CFAAD980A9EFBF3FBC9300F14C06AD508A7258D73059418B61
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08729160, Relevance: .1, Instructions: 71COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 2e405c16bddd6bb84a67b13ff6284250143336e391ae5025a0db6b0d44f9894b
                                        • Instruction ID: 729635e9532a61353540d65bed85b5b05f0093079ddf43473be2f6cba0c177d5
                                        • Opcode Fuzzy Hash: 2e405c16bddd6bb84a67b13ff6284250143336e391ae5025a0db6b0d44f9894b
                                        • Instruction Fuzzy Hash: 08212171E15659DBDB08CF6BD945A9EFAF7FFC9210F14C02AD608A7318D73055018B60
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0872915A, Relevance: .1, Instructions: 63COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 38545893702e1916b85e1e50b2b892fc7fe22b59ba4275d86d6dda3e3f6af995
                                        • Instruction ID: 809a18d601288a30e3db688ec4fabc4855f0961ff28ac4cb7bcede1f370e8d4c
                                        • Opcode Fuzzy Hash: 38545893702e1916b85e1e50b2b892fc7fe22b59ba4275d86d6dda3e3f6af995
                                        • Instruction Fuzzy Hash: F12141B0E15659DBDB08CF6BD945A9EFAF7FFC9200F18C02AD608A6358DB3049018B60
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087297F0, Relevance: .1, Instructions: 60COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 673c4da7f5aa6856147250f9b64497c455c682a7184f553fc056b02387150d7c
                                        • Instruction ID: 565f80f6dcc6029a6b9b81114b178a9893da806a8eb46f3e7737a7c80e38074b
                                        • Opcode Fuzzy Hash: 673c4da7f5aa6856147250f9b64497c455c682a7184f553fc056b02387150d7c
                                        • Instruction Fuzzy Hash: 94111A71E15219CBDB58CFAAD8406DEFBF7EBC8210F18C17AD508A7258DB305A018B91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08725530, Relevance: .1, Instructions: 59COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0d01f6726a2e54b373ddfadf16b8845b89c7f071e6a2441cd52655d53bd57798
                                        • Instruction ID: 0f75d62e2146bca5ac97f3cb7e94f19e3494298edd1468cb12b5beec4edcdbd7
                                        • Opcode Fuzzy Hash: 0d01f6726a2e54b373ddfadf16b8845b89c7f071e6a2441cd52655d53bd57798
                                        • Instruction Fuzzy Hash: 4611FE71E056188BEB5CCFABD84069EFBF7EFC8211F14C17AD918A6218EB3405568F51
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 08725520, Relevance: .1, Instructions: 55COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0acffaabb411df8f550b04d7be454a592f6d740ca53da4455052f2fc9886d92c
                                        • Instruction ID: 0f02156e734a94d75e56df97cb7a3b0b080625a87d546f1d149cca90a7ba2ac8
                                        • Opcode Fuzzy Hash: 0acffaabb411df8f550b04d7be454a592f6d740ca53da4455052f2fc9886d92c
                                        • Instruction Fuzzy Hash: ED11EFB1E056588BEB5CCF6BD84479EFBF3AFC8200F08C179D518A6258EB3445468F51
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 087297EB, Relevance: .1, Instructions: 52COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000000.00000002.253446664.0000000008720000.00000040.00000001.sdmp, Offset: 08720000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 19f5834ba5976d2ea5a8ab193df8350c410b421bb632d5553c4a79c3595d2341
                                        • Instruction ID: 81b7f8b5507975dd62b7e0f204fd67afc27a6b16c208bad4e25f8a35ed01054c
                                        • Opcode Fuzzy Hash: 19f5834ba5976d2ea5a8ab193df8350c410b421bb632d5553c4a79c3595d2341
                                        • Instruction Fuzzy Hash: BA115B70E156198BEB18CF6BD84169EFAF7AFC8200F18C13AD508A7358DB304A028F91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Analysis Process: powershell.exe PID: 5616 Parent PID: 4364 powershell.exeCOMMON

                                        Executed Functions

                                        Function 04968BA8, Relevance: 1.7, Instructions: 1657COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: d4a992967e00d9a97460bbfc356f796bead1fd897e09ee63833babc6b41eede7
                                        • Instruction ID: 5d9e9edacca7f7292a1d89f09c382a9fd797017ae48886f0288a31128ce32755
                                        • Opcode Fuzzy Hash: d4a992967e00d9a97460bbfc356f796bead1fd897e09ee63833babc6b41eede7
                                        • Instruction Fuzzy Hash: 83035D34A152199FDB24DB60DD51BAE77B3FB88344F1080A8E60A67798CF35AD91CF60
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04968BB8, Relevance: 1.6, Instructions: 1645COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b0ddfa00a0b5fbb325798401165f1280cc6e62048dac86398c29022960cd2c70
                                        • Instruction ID: d67f199ce3e50c6e93a42668fb1ed92ea904f6fe4a94bf0803a0385870c9b3c6
                                        • Opcode Fuzzy Hash: b0ddfa00a0b5fbb325798401165f1280cc6e62048dac86398c29022960cd2c70
                                        • Instruction Fuzzy Hash: 20035D34A152199FDB24DB60DD51BAE77B3FB88344F1080A8E60A67798CF35AD91CF60
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496CCF0, Relevance: .2, Instructions: 231COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 477023180a0ebb582f088debc42aa027c041a7b106fb3f877b76d0451fba55af
                                        • Instruction ID: 64eacfd189d4fd0d95ac77f5f22c3c10633955a851bd6dae705bb93a1c232859
                                        • Opcode Fuzzy Hash: 477023180a0ebb582f088debc42aa027c041a7b106fb3f877b76d0451fba55af
                                        • Instruction Fuzzy Hash: 5AA17070A00605CFE719DF34C5587AEBBF2AF88304F148569E5569B7A1DB38E885CB90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04965E90, Relevance: .4, Instructions: 409COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b9ab2e4682839a86074c3df5fb89bf645d23fac1faed2efdfe3c4ed0ff5bc4cb
                                        • Instruction ID: 3237808b44b3bedc0b9c0c40a0e17237e030e946a2a70ec36bf4f67c06515057
                                        • Opcode Fuzzy Hash: b9ab2e4682839a86074c3df5fb89bf645d23fac1faed2efdfe3c4ed0ff5bc4cb
                                        • Instruction Fuzzy Hash: 23F1AC30A042088FDB24DFA9D554BAEBBF6AF84308F15846DD50AAB381DB75EC45CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04966960, Relevance: .3, Instructions: 314COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 5b46e8dd211fb3cba2009270cce639b6cb2edf63d1fd072fe1d9aabc63a7b541
                                        • Instruction ID: ea23789eb1757b50c9ddfe86b2565ddd448075b3fb11005cb35c13b028135f21
                                        • Opcode Fuzzy Hash: 5b46e8dd211fb3cba2009270cce639b6cb2edf63d1fd072fe1d9aabc63a7b541
                                        • Instruction Fuzzy Hash: 78D1AB70E042099FCB04DFA4C590AAEBBF2FF89304F1584A9C501AB395CB35AD45CFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04966950, Relevance: .2, Instructions: 247COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 540bb80791c2b4cbc8861b17094c0983fbe8124d0e9313aa9d8eae482a23c79f
                                        • Instruction ID: e7eca11ec08a92700f25c89eb1517d77f24dba5682d61f5b075993f9085a93d9
                                        • Opcode Fuzzy Hash: 540bb80791c2b4cbc8861b17094c0983fbe8124d0e9313aa9d8eae482a23c79f
                                        • Instruction Fuzzy Hash: 9CA13374A052089FCB05DFA4C480AADBBF2FF89314F2584A9D805AB355DB75ED85CBA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D4A8, Relevance: .2, Instructions: 176COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: f922b64bfdc45b6b6c8f684045887f2700271d84cfe6caaa0ea44df9c285332d
                                        • Instruction ID: 0ccc89c051bf1845b258c11001cfa05f5f15304913f09e683cb2669d930b3b11
                                        • Opcode Fuzzy Hash: f922b64bfdc45b6b6c8f684045887f2700271d84cfe6caaa0ea44df9c285332d
                                        • Instruction Fuzzy Hash: 2D619F30B042498FCB41EF78D590ADD77F2AF49318B118AA8D119EB751DB31ED05CB91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496CCC0, Relevance: .2, Instructions: 170COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: eee3e3a4062a3c101e01cdbe42ebb1d096652348b4e0b48befd1611e4efaf606
                                        • Instruction ID: 1d95f4f2a4afd1be2f05bcedd7ed52def2135ea07cc6abe28a1cda2242f3abb4
                                        • Opcode Fuzzy Hash: eee3e3a4062a3c101e01cdbe42ebb1d096652348b4e0b48befd1611e4efaf606
                                        • Instruction Fuzzy Hash: 3061DE30A042418FDB15DF34C898BAE7BF3AF89304F1485A9E5529B7A1CB34EC85CB81
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D4D0, Relevance: .2, Instructions: 160COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b969044bf7f04d4a893c7640a19660ffc005bd25d3b1c0de69d5dc9727346643
                                        • Instruction ID: c22b4079274f68f0b08964501630e6f04f218ba09c7246d197c4cc7ccf449c9b
                                        • Opcode Fuzzy Hash: b969044bf7f04d4a893c7640a19660ffc005bd25d3b1c0de69d5dc9727346643
                                        • Instruction Fuzzy Hash: 8C616D70B042098FCB44EF78D540A9D77F2FF89348B218AA8D119AB761DB32ED058F91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496709F, Relevance: .1, Instructions: 133COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 001930688c71202013c1d365ca220d3e199c7ca03c66e7176feaa59215f2bf32
                                        • Instruction ID: b3a77ca75bbd5c298fd9325cfcad2efd3b927fba0ffbecbf1cf8b9143bc61849
                                        • Opcode Fuzzy Hash: 001930688c71202013c1d365ca220d3e199c7ca03c66e7176feaa59215f2bf32
                                        • Instruction Fuzzy Hash: 0C51057190432DDFDB20CF55C940BDEBBB5BB49314F1180AAE909A7250DB75AA88CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04965A90, Relevance: .1, Instructions: 131COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: ccaa89c17705ae6faa544b7168097097f54ddc1fa36987afb88bd59c9b6ec35a
                                        • Instruction ID: 4a1cea8a06e60c8e82ed6e200122ced471c8b28d1efaf9cbde79e21569007368
                                        • Opcode Fuzzy Hash: ccaa89c17705ae6faa544b7168097097f54ddc1fa36987afb88bd59c9b6ec35a
                                        • Instruction Fuzzy Hash: 3E51F77190432DDFDB60CF95C940BDEBBB5BB49308F1180EAE909A7250D775AA88CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496CD47, Relevance: .1, Instructions: 128COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 4f79e039bcc70fe61ae1709ea4c0c1fe3fbe999545d488721537eedbeb09889e
                                        • Instruction ID: a05d8958781d50847673ef4c1382735632fc83814fa1df46d2ed59d20a8e4208
                                        • Opcode Fuzzy Hash: 4f79e039bcc70fe61ae1709ea4c0c1fe3fbe999545d488721537eedbeb09889e
                                        • Instruction Fuzzy Hash: 1B519D74A002018FD715DF34C498BAA7BF3BF88344F2585A9E9569B7A5CB34EC81CB80
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04967821, Relevance: .1, Instructions: 115COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 9b695a70d21f5229d64f9c2471c305de013aabfcc26b86fd982007578ac7d83f
                                        • Instruction ID: a80ae813af6da790a8d9a589aadd3bcca69f83dc5b602b637878e77540ebf154
                                        • Opcode Fuzzy Hash: 9b695a70d21f5229d64f9c2471c305de013aabfcc26b86fd982007578ac7d83f
                                        • Instruction Fuzzy Hash: 8D4156743046118FC704DF38E958919BBF3BF89365B2585A8E50ACB761CB76EC42CBA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 049679A3, Relevance: .1, Instructions: 114COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 114782eeff9cec7b04a0df4126de8adee9dc0373ff63fbedb42c2429ec7b9c97
                                        • Instruction ID: 9b6119f63a599b88f9678aeb40ed3cf749410de43e1a83494ca49c7006027944
                                        • Opcode Fuzzy Hash: 114782eeff9cec7b04a0df4126de8adee9dc0373ff63fbedb42c2429ec7b9c97
                                        • Instruction Fuzzy Hash: E031EF712082059FD300EB64ED90A5E73E7EFD1398B558A6CC206CF664CF75EC098BA2
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496FCE8, Relevance: .1, Instructions: 113COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 5d8b905cb9d96aa2ca769fd1f36fd264e6c18c8239edc0e672e133a4ff3e55ef
                                        • Instruction ID: 8d01f095db3699bb1aec866f03f2a5a3de6e6f4c125ceb5af30eab51cc7ac7f9
                                        • Opcode Fuzzy Hash: 5d8b905cb9d96aa2ca769fd1f36fd264e6c18c8239edc0e672e133a4ff3e55ef
                                        • Instruction Fuzzy Hash: 17319F31B011154BDB14A6B8D9617BF72EB9BE8348F158438860ADB795EF28EC0687E1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496FCD8, Relevance: .1, Instructions: 110COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: f870798a25e989da8de6b25b187efa8bfb43b3918be63a451637c5ce4a04c19e
                                        • Instruction ID: 5ab83486fa6a5d5d09fdd8d1bda390c2974ecb1fde75dfae123b27d4049f2ea0
                                        • Opcode Fuzzy Hash: f870798a25e989da8de6b25b187efa8bfb43b3918be63a451637c5ce4a04c19e
                                        • Instruction Fuzzy Hash: 5D31EE31B051154BCB14ABB8D8217AF72EB9F98348F208479C20ADB795DF34EC0687E1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04967830, Relevance: .1, Instructions: 108COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: ecef33e491b12b3be1448f11e020ea4719b85f34c348d7867759297ffb41270d
                                        • Instruction ID: dad278dd07e7d46f3fe6779692c2371a0af4fe98ed75a71a2f335859b2e20acb
                                        • Opcode Fuzzy Hash: ecef33e491b12b3be1448f11e020ea4719b85f34c348d7867759297ffb41270d
                                        • Instruction Fuzzy Hash: 0B4135743006119FC744DF38E958919B7E3FF89365B2585A8E50ACB760CF76EC828B90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496E210, Relevance: .1, Instructions: 106COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0d46e45c9ce76b6796dcb35b6e2a6440647bce3bc0e4b99b56bbfc7001da8df4
                                        • Instruction ID: 4838f37b450cfbab4f1afb8d823fc7fc63887fd024e5afa0b60d8698fe3799df
                                        • Opcode Fuzzy Hash: 0d46e45c9ce76b6796dcb35b6e2a6440647bce3bc0e4b99b56bbfc7001da8df4
                                        • Instruction Fuzzy Hash: 37317C39B011058FDF55DBA9D841ABE7BB6EB88310F144039EA0AD7350EF30AD42CBA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496E098, Relevance: .1, Instructions: 93COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 61f2dab87d05cbb66ddc75c1606c7ece5e0ea462b4081eb40bea6ec86b2e61af
                                        • Instruction ID: d1906fed393dab2b0ee0a40664045ad34d4dd216791652303dee0f4608d68437
                                        • Opcode Fuzzy Hash: 61f2dab87d05cbb66ddc75c1606c7ece5e0ea462b4081eb40bea6ec86b2e61af
                                        • Instruction Fuzzy Hash: BD310231A086058BDB14DB28D940BDEBBE2EF85360F198979C116AB694DF71AC45CFA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D788, Relevance: .1, Instructions: 93COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: c6d8b9dcb6043dedcd63e71b9f53a431d03a1330b9ba971581475766b0d1dfcb
                                        • Instruction ID: 41753fa3fb9129313caa60912f44d35cacc593a35f1244b0779d4cb3a0fec209
                                        • Opcode Fuzzy Hash: c6d8b9dcb6043dedcd63e71b9f53a431d03a1330b9ba971581475766b0d1dfcb
                                        • Instruction Fuzzy Hash: 5A317C71E04249DFDB00DFA9C5446EEFBB5EF88314F15826AD918A7240D738AA45CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496DED0, Relevance: .1, Instructions: 74COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: bb49dc7f5ecddea8f7d6431c81505692aa0968097f036a3c292a52a0cd421688
                                        • Instruction ID: 8d321583dd4e07426cae833ab4ab7a236ea8950b3b120d0cc84fe75d093054a8
                                        • Opcode Fuzzy Hash: bb49dc7f5ecddea8f7d6431c81505692aa0968097f036a3c292a52a0cd421688
                                        • Instruction Fuzzy Hash: C321AF75B04128CBDB559B60D81D6ED7BB3AB88301F548A69D412AB6A0CB785E42CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D9C3, Relevance: .1, Instructions: 74COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 27af3a7a2df5f9201cf8a16a3e83a035143541cd9c9454cfe53d3ad26091f7e7
                                        • Instruction ID: 6926cce54f39dc52af0d108581aee1ba335dd6a8037b1cd6e35711764287bc93
                                        • Opcode Fuzzy Hash: 27af3a7a2df5f9201cf8a16a3e83a035143541cd9c9454cfe53d3ad26091f7e7
                                        • Instruction Fuzzy Hash: ED318F70E04256CFDB00EF68D544AADBBF2EF84304F058AA9C515AB392D779E906CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D61D, Relevance: .1, Instructions: 71COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: e97ab8f9a366184ca992eebb44c75b8025111110e0b3fe1ea809edf331066342
                                        • Instruction ID: f46100f2b096ae142ef0bd95877bb414948d8059bae8f91fe8e5de8bb424f47f
                                        • Opcode Fuzzy Hash: e97ab8f9a366184ca992eebb44c75b8025111110e0b3fe1ea809edf331066342
                                        • Instruction Fuzzy Hash: DC216835B041098FCB40EB78C64498D77F2AF89318B2286E8E125EB761DB32EC05CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496E0A8, Relevance: .1, Instructions: 67COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0600a082431d4f3dac173941a927b25904c64cc0e1f33f58bf62eebee9e8fc9c
                                        • Instruction ID: 1037946b4142ab77ab0097a156d593d0b909b8f6ec785c105bc0ba3b5ee95b4e
                                        • Opcode Fuzzy Hash: 0600a082431d4f3dac173941a927b25904c64cc0e1f33f58bf62eebee9e8fc9c
                                        • Instruction Fuzzy Hash: 7D21C335A042099BEB14DA64D940BEFBBFADBC9350F254879D106BB380DE766D019FA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D9D8, Relevance: .1, Instructions: 66COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 0c793486d701beea508715ed61fd405f258d49469411c8365ad9990d5d05aaf8
                                        • Instruction ID: e3f43ec8b621468fc4b7a29fbde35ae325e0f445eb4964565a496fca8bbf4194
                                        • Opcode Fuzzy Hash: 0c793486d701beea508715ed61fd405f258d49469411c8365ad9990d5d05aaf8
                                        • Instruction Fuzzy Hash: 56218170E04215CFDB04EF68D544AAE7BF6EF84304F0186A8C515AB391D779E906CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D707, Relevance: .1, Instructions: 64COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: c3995c5217de8a3c3ab7116644251490980696b58ba601e2602302399832a02b
                                        • Instruction ID: 2f14f8824ee76412189d7203ccb8cf5887dcaa4e8e6525546a7f364ca23004a3
                                        • Opcode Fuzzy Hash: c3995c5217de8a3c3ab7116644251490980696b58ba601e2602302399832a02b
                                        • Instruction Fuzzy Hash: 3311A274B042098FCB01EBB8EA4199D77F2EF88248B1146E9D119EB711DB35EE058F91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496DEE0, Relevance: .1, Instructions: 57COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 4887318a2d0c540e4573bd95571d31db6efe2e77bcc0e1c82966284aab7d3075
                                        • Instruction ID: fa90f3303ff54de308205759ea9c0307c6486b3a89830ce63f64408551f798ca
                                        • Opcode Fuzzy Hash: 4887318a2d0c540e4573bd95571d31db6efe2e77bcc0e1c82966284aab7d3075
                                        • Instruction Fuzzy Hash: 00118134B04114CFDB44DB60D9196AD7BF3AF88301F558A69D402AB290CF785E01CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04967008, Relevance: .1, Instructions: 56COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 30fb36d279330ae1c57e14b4edb6e5d11a3b504f52fae7519b308f93d2d02517
                                        • Instruction ID: a7f3d2b594b204cb2f83c9585b18a0fde53100eebe8872eff5e78e63e2091ac9
                                        • Opcode Fuzzy Hash: 30fb36d279330ae1c57e14b4edb6e5d11a3b504f52fae7519b308f93d2d02517
                                        • Instruction Fuzzy Hash: ED01707230C3905FC31516AD691457B7BDEDFC62D871540BAE645C7242DE269C01C3B6
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04966FF1, Relevance: .0, Instructions: 45COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 44467c3d1d2c9103d07a3f09bb58bdf20c77e2775a01e58e1b2ef6fb947861c0
                                        • Instruction ID: bfcefef4e136bcabbee8d75b380da7eb38bc32d1b0569ce270b42246e4b150ae
                                        • Opcode Fuzzy Hash: 44467c3d1d2c9103d07a3f09bb58bdf20c77e2775a01e58e1b2ef6fb947861c0
                                        • Instruction Fuzzy Hash: C6F0F07220D3803FC3120AAA6D109A2BFFD9F872A471941ABE685C3683C52A8C448372
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02FCD01D, Relevance: .0, Instructions: 45COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.379286383.0000000002FCD000.00000040.00000001.sdmp, Offset: 02FCD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: baaec78a805f631cb4e9a9ad9a93a8e41d2603768b204f27ff6f85e5a387548a
                                        • Instruction ID: f54f70a2dc1bc8c6acfb67384af6bd2e19da5234b8982e0aa438320063f17c0d
                                        • Opcode Fuzzy Hash: baaec78a805f631cb4e9a9ad9a93a8e41d2603768b204f27ff6f85e5a387548a
                                        • Instruction Fuzzy Hash: 5D01F7719083459AE7104A19DD8476BBB98EF81AB8F18806DEE445B28AC379D445C6B1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 02FCD005, Relevance: .0, Instructions: 45COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.379286383.0000000002FCD000.00000040.00000001.sdmp, Offset: 02FCD000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: a3167d241c7c98b26a1157328535bb1ab6203e9eebe934f57bd5444e0df93f47
                                        • Instruction ID: cb4e1b5d4f836888618d9cc563a036c25fa7eacea1c7fbc48e5d6c58860ec5a3
                                        • Opcode Fuzzy Hash: a3167d241c7c98b26a1157328535bb1ab6203e9eebe934f57bd5444e0df93f47
                                        • Instruction Fuzzy Hash: C201806140D3C05ED7128B258C94766BFB4EF43664F1981DBD9848F1A7C3699849C772
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D762, Relevance: .0, Instructions: 37COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 86dbd20f1edcd4bb7cd204868609d889f3e9d560fbf6bb0a79e12cd3ad3e08f1
                                        • Instruction ID: c878d7af0e2704f4edfc16ba1f87d6b7f426434fc3f2fdfa45255b4f7415b025
                                        • Opcode Fuzzy Hash: 86dbd20f1edcd4bb7cd204868609d889f3e9d560fbf6bb0a79e12cd3ad3e08f1
                                        • Instruction Fuzzy Hash: 4EF0823160E3C89FD703D7749EA01D5BFB54E8750471982D7C888CB1A3D5349E0AC7A2
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496FE58, Relevance: .0, Instructions: 36COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: c10188d3fe320ecf6f1a919b9abd37eaf43386f19797c448925398f01f65f494
                                        • Instruction ID: 6d36b814ac487bf86c119b5c9283f1066ea6f715607590f82a2c0b2826f12a6f
                                        • Opcode Fuzzy Hash: c10188d3fe320ecf6f1a919b9abd37eaf43386f19797c448925398f01f65f494
                                        • Instruction Fuzzy Hash: 02F0E9313050211BD341B76CEA5068673A6DFC6354F2580F6D504CB38ADF35CC0787A1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496FFB0, Relevance: .0, Instructions: 25COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 1ad5851a28d37be7c3e5403c4d93b1d3428a4473a7563358672acd96109c3597
                                        • Instruction ID: 35c8b9ebf6293f8d43714cc3d022667fc19bc19efb3c30176ff4e9a1913b4c6e
                                        • Opcode Fuzzy Hash: 1ad5851a28d37be7c3e5403c4d93b1d3428a4473a7563358672acd96109c3597
                                        • Instruction Fuzzy Hash: A6E048351082487FCF06CE64DC51CB97F6ADF85610709C05AFD8546152C632D935D7B1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D070, Relevance: .0, Instructions: 23COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 4c4d1a8f28351775ed87f102286ae6a378ef55d9fa879368c8926315131dbc32
                                        • Instruction ID: 4dc23aeef466419eeb9176556ab655545517f6e705e303254c0734e3e0271e47
                                        • Opcode Fuzzy Hash: 4c4d1a8f28351775ed87f102286ae6a378ef55d9fa879368c8926315131dbc32
                                        • Instruction Fuzzy Hash: 04E04F312141409FC789E638F810AD973A7EFC8354B958969E125CB759DF769C028BD1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496D718, Relevance: .0, Instructions: 19COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b20303af7979038ae4074de73a7f2890b6d2b3a31f13d8a7c1fb3b049d6d31c5
                                        • Instruction ID: 32b75e2edba7293ca2a0b598ccb5390c003221282a09f3bb59e09a66d51c7fcc
                                        • Opcode Fuzzy Hash: b20303af7979038ae4074de73a7f2890b6d2b3a31f13d8a7c1fb3b049d6d31c5
                                        • Instruction Fuzzy Hash: FFE08C70A05209AFC740EBA4EA1176DB7BBEF81344F6085EC8609AB340DE362E009B91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 0496FFC0, Relevance: .0, Instructions: 14COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: 65b382f2b373dd0e42861b0c7a885679bbca07c8995822aa41ad6b5fde29ea02
                                        • Instruction ID: 2f1addc7ac752b055209e5a892d08ee60b8d95dd5987d24a20b0db1062a2c8ce
                                        • Opcode Fuzzy Hash: 65b382f2b373dd0e42861b0c7a885679bbca07c8995822aa41ad6b5fde29ea02
                                        • Instruction Fuzzy Hash: CFD06736104249AF8B01CE84D951C6A7F6AEB49214B14C049BE5946262C633E932EBA0
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 04966931, Relevance: .0, Instructions: 11COMMON
                                        Download Yara Rule
                                        Memory Dump Source
                                        • Source File: 00000002.00000002.381187676.0000000004960000.00000040.00000001.sdmp, Offset: 04960000, based on PE: false
                                        Similarity
                                        • API ID:
                                        • String ID:
                                        • API String ID:
                                        • Opcode ID: b484d703f423c08ca670f608400aa5ed016d44304d04c0eca32afb39fd207b58
                                        • Instruction ID: 4031af61d861f848e8f8215f0b742840cee82ce57b985a8b072963be0707c6fb
                                        • Opcode Fuzzy Hash: b484d703f423c08ca670f608400aa5ed016d44304d04c0eca32afb39fd207b58
                                        • Instruction Fuzzy Hash: 92C08C304493801FEB13172829452C43F306B03320F210883E0C18A09282424E84C372
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Non-executed Functions

                                        Analysis Process: #RFQ ORDER484475577797.exe PID: 1048 Parent PID: 4364 #RFQ ORDER484475577797.exeCOMMON

                                        Executed Functions

                                        Function 00EFB6C0, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 124threadCOMMON
                                        Download Yara Rule
                                        APIs
                                        • GetCurrentProcess.KERNEL32 ref: 00EFB730
                                        • GetCurrentThread.KERNEL32 ref: 00EFB76D
                                        • GetCurrentProcess.KERNEL32 ref: 00EFB7AA
                                        • GetCurrentThreadId.KERNEL32 ref: 00EFB803
                                        Strings
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: Current$ProcessThread
                                        • String ID: H
                                        • API String ID: 2063062207-1105002124
                                        • Opcode ID: 35c7350d9b817c0ed37895a920517bfc8249278c3e1d77f8dc54df7282168620
                                        • Instruction ID: cfe19761f4b51685f7b868594fa7ae234c0ec7ac53cd1a60f476320c78757a6d
                                        • Opcode Fuzzy Hash: 35c7350d9b817c0ed37895a920517bfc8249278c3e1d77f8dc54df7282168620
                                        • Instruction Fuzzy Hash: 205167B4D002488FDB14CFA9D5487EEBBF5AF88308F24855AE109B7390D774A848CF65
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFB6D0, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120threadCOMMON
                                        Download Yara Rule
                                        APIs
                                        • GetCurrentProcess.KERNEL32 ref: 00EFB730
                                        • GetCurrentThread.KERNEL32 ref: 00EFB76D
                                        • GetCurrentProcess.KERNEL32 ref: 00EFB7AA
                                        • GetCurrentThreadId.KERNEL32 ref: 00EFB803
                                        Strings
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: Current$ProcessThread
                                        • String ID: H
                                        • API String ID: 2063062207-1105002124
                                        • Opcode ID: cf292ea5e65fb91829858f3b949056d7ae197c1782c8f305156ae9ae9e81cc2a
                                        • Instruction ID: 7f26575d9dd194f65951bba01e1fac84b99f9a5633336ba011de3008ceb1eaab
                                        • Opcode Fuzzy Hash: cf292ea5e65fb91829858f3b949056d7ae197c1782c8f305156ae9ae9e81cc2a
                                        • Instruction Fuzzy Hash: 345157B4D002488FDB14CFA9D548BAEBBF5AF88308F24856EE509B7390D7749848CF65
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EF93E8, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 194COMMON
                                        Download Yara Rule
                                        APIs
                                        • GetModuleHandleW.KERNELBASE(00000000), ref: 00EF962E
                                        Strings
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: HandleModule
                                        • String ID: HR$HR
                                        • API String ID: 4139908857-4037001784
                                        • Opcode ID: c032d609ac15d64e480b6dbc1bf79d6bf2621809c91b623c2e16590cf0ef9254
                                        • Instruction ID: c490f8d72b945f6a732c95275a62bcbe32a03d788dc5c8f89548ab54d28d6b5c
                                        • Opcode Fuzzy Hash: c032d609ac15d64e480b6dbc1bf79d6bf2621809c91b623c2e16590cf0ef9254
                                        • Instruction Fuzzy Hash: 49713870A00B098FD724DF29D54176AB7F1BF88308F00892DD59AE7A41DB74E845CF91
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFFB61, Relevance: 1.6, APIs: 1, Instructions: 132COMMON
                                        Download Yara Rule
                                        APIs
                                        • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 00EFFD0A
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: CreateWindow
                                        • String ID:
                                        • API String ID: 716092398-0
                                        • Opcode ID: a93604a623d42a74b9524b580a1ab36448b8d873332a0fb6d010988a4dc2016e
                                        • Instruction ID: 475be97e7e0d50c7587918d9f1c9b6ade79e26c002ee6d4ece453ddbfd831c1f
                                        • Opcode Fuzzy Hash: a93604a623d42a74b9524b580a1ab36448b8d873332a0fb6d010988a4dc2016e
                                        • Instruction Fuzzy Hash: CD5100B1D04348DFDF15CFA9D880ADDBBB1BF48314F28826AE818AB211D775A945CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFFBF8, Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                        Download Yara Rule
                                        APIs
                                        • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 00EFFD0A
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: CreateWindow
                                        • String ID:
                                        • API String ID: 716092398-0
                                        • Opcode ID: d6f2fa5beaf7bf78a7dd0f2b53ea6d7dc2a13eaa5b13aa22f0dd17f1b1676354
                                        • Instruction ID: 329aa1b012e70f5fb2789275d1ff4e8f17f0fc6cb280be204dcb929be7d2b1f7
                                        • Opcode Fuzzy Hash: d6f2fa5beaf7bf78a7dd0f2b53ea6d7dc2a13eaa5b13aa22f0dd17f1b1676354
                                        • Instruction Fuzzy Hash: EC41C0B1D1030C9FDF14CFAAD884ADEBBB5BF88314F24812AE819AB210D7759845CF90
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFBCF9, Relevance: 1.6, APIs: 1, Instructions: 64COMMON
                                        Download Yara Rule
                                        APIs
                                        • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 00EFBD87
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: DuplicateHandle
                                        • String ID:
                                        • API String ID: 3793708945-0
                                        • Opcode ID: d9365f2b413f71957cba102f45494ad7d761ade661828d172e3740cbd0415e1b
                                        • Instruction ID: f21ba2ee3af8216703981239f4d966bd853f462dee380f07f32e4c566b902ef7
                                        • Opcode Fuzzy Hash: d9365f2b413f71957cba102f45494ad7d761ade661828d172e3740cbd0415e1b
                                        • Instruction Fuzzy Hash: AA21E5B59042499FDB10CFAAD984AEEBFF4EB48314F14841AE954A7310D378A954CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFBD00, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                        Download Yara Rule
                                        APIs
                                        • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 00EFBD87
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: DuplicateHandle
                                        • String ID:
                                        • API String ID: 3793708945-0
                                        • Opcode ID: db739f53b39fb122858f2e4ecf27035c04a2551e27a3342acafe5a1177997c66
                                        • Instruction ID: 9cbad54bf47bd6846d1d07900e3e0a21f28d48a3a13598d35936b0c0c57b5cea
                                        • Opcode Fuzzy Hash: db739f53b39fb122858f2e4ecf27035c04a2551e27a3342acafe5a1177997c66
                                        • Instruction Fuzzy Hash: 2221C6B5D002089FDB10CFA9D584ADEBBF4EB48314F14841AE914A7350D379A954CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EF8768, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,00EF96A9,00000800,00000000,00000000), ref: 00EF98BA
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: 95615ec1e269e823fd1a769d9f6014592b7c1ae64b06bd21ecc9e4e6f478acc4
                                        • Instruction ID: bb3fb6b7ace5f68f0af446464fff5348d6d7da84260775a5a876294024c739f3
                                        • Opcode Fuzzy Hash: 95615ec1e269e823fd1a769d9f6014592b7c1ae64b06bd21ecc9e4e6f478acc4
                                        • Instruction Fuzzy Hash: 871122B6D042498BCB14CF9AC444BEEBBF4AB88324F04842ED519B7200C378A948CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EF9849, Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON
                                        Download Yara Rule
                                        APIs
                                        • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,00EF96A9,00000800,00000000,00000000), ref: 00EF98BA
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: LibraryLoad
                                        • String ID:
                                        • API String ID: 1029625771-0
                                        • Opcode ID: 9ac87aa0e06ccb1ecd75a378b7351cd8fd33800ddd8f231ae4f8287ba41b17ec
                                        • Instruction ID: 16dd5674574bd959eece284a4042366d291504feaf1c4efbdc0609027209e6f0
                                        • Opcode Fuzzy Hash: 9ac87aa0e06ccb1ecd75a378b7351cd8fd33800ddd8f231ae4f8287ba41b17ec
                                        • Instruction Fuzzy Hash: 991103B2D042499FCB14CFAAD444BEEBBF4AB89314F04842AD555A7200C378A945CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EF95C8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                        Download Yara Rule
                                        APIs
                                        • GetModuleHandleW.KERNELBASE(00000000), ref: 00EF962E
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: HandleModule
                                        • String ID:
                                        • API String ID: 4139908857-0
                                        • Opcode ID: f9d6d4ebafd84f15f8f4a66a09edae356499f8dc9a91e5fc6a72b1c04ba5cac8
                                        • Instruction ID: 3329beadb66fa4827771b74d0baf1f65c1e7c2ff35cc928f143f42bc2bc99d78
                                        • Opcode Fuzzy Hash: f9d6d4ebafd84f15f8f4a66a09edae356499f8dc9a91e5fc6a72b1c04ba5cac8
                                        • Instruction Fuzzy Hash: 8911DFB6D002498FCB10CF9AD444BDEFBF4AB88324F15852AD959B7600D379A545CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFFE38, Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                                        Download Yara Rule
                                        APIs
                                        • SetWindowLongW.USER32(?,?,?), ref: 00EFFE9D
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: LongWindow
                                        • String ID:
                                        • API String ID: 1378638983-0
                                        • Opcode ID: d62f90712d518734bdc3d5b02450752c617931c831b54600b9a8936288ab9e84
                                        • Instruction ID: 4d8d7ca6e7d12b3ab6632d8a8030feaed4e32db933368e6827f2ed0c5b40bbcf
                                        • Opcode Fuzzy Hash: d62f90712d518734bdc3d5b02450752c617931c831b54600b9a8936288ab9e84
                                        • Instruction Fuzzy Hash: 291122B18002489FCB10CF99D585BEEBBF8EB88324F10841AE958B7201C378A944CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Function 00EFFE40, Relevance: 1.5, APIs: 1, Instructions: 44COMMON
                                        Download Yara Rule
                                        APIs
                                        • SetWindowLongW.USER32(?,?,?), ref: 00EFFE9D
                                        Memory Dump Source
                                        • Source File: 0000000A.00000002.478673814.0000000000EF0000.00000040.00000001.sdmp, Offset: 00EF0000, based on PE: false
                                        Similarity
                                        • API ID: LongWindow
                                        • String ID:
                                        • API String ID: 1378638983-0
                                        • Opcode ID: 74f32b1b3305b294c930ab63b03a74fbf1f99966e40043c88afc7f3dda1cfdcc
                                        • Instruction ID: f8e57b27cb6dd5a1a5d911f2107a73a40b6b8fded104329367a0f5df5e0b81e2
                                        • Opcode Fuzzy Hash: 74f32b1b3305b294c930ab63b03a74fbf1f99966e40043c88afc7f3dda1cfdcc
                                        • Instruction Fuzzy Hash: F21115B58003088FDB10CF99D585BDEBBF8EB88324F10841AD914B7340D374A944CFA1
                                        Uniqueness

                                        Uniqueness Score: -1.00%

                                        Non-executed Functions